PT-2020-20209 · Kubernetes+1 · Kubernetes+1

Derek0405

Published

2020-10-15

Updated

2025-08-08

CVE-2020-8563

CVSS v3.1

4.7

Medium

Vector

AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Kubernetes versions prior to 1.19.3

Description A sensitive information leak occurs via log files in Kubernetes. This issue affects Kubernetes clusters using VSphere as a cloud provider, where the logging level is set to 4 or above, causing VSphere cloud credentials to be leaked in the cloud controller manager's log.

Recommendations For versions prior to 1.19.3, update to version 1.19.3 or later to resolve the issue. As a temporary workaround, consider reducing the logging level to below 4 to minimize the risk of credential leakage. Restrict access to the cloud controller manager's log to prevent unauthorized access to sensitive information.

Fix

Insertion into Log File

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-532

Related Identifiers

ALT-PU-2021-1227

ALT-PU-2021-1495

ALT-PU-2022-1245

CVE-2020-8563

GHSA-5XFG-WV98-264M

GO-2024-2755

OPENSUSE-SU-2025:15424-1

RHSA-2020:5260

Affected Products

Alt Linux

Kubernetes

PT-2020-20209 · Kubernetes+1 · Kubernetes+1

CVE-2020-8563

Weakness Enumeration

Related Identifiers

Affected Products

References · 62