PT-2020-20212 · Linux Foundation+4 · Kubernetes+3
Derek0405
+1
·
Published
2020-10-15
·
Updated
2025-08-08
·
CVE-2020-8566
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Kubernetes versions prior to 1.19.3
Kubernetes versions prior to 1.18.10
Kubernetes versions prior to 1.17.13
Description
In Kubernetes clusters using Ceph RBD as a storage provisioner, with a logging level of at least 4, Ceph RBD admin secrets can be written to logs. This occurs in kube-controller-manager's logs during the provisioning of Ceph RBD persistent claims.
Recommendations
For versions prior to 1.19.3, consider updating to version 1.19.3 or later to resolve the issue.
For versions prior to 1.18.10, consider updating to version 1.18.10 or later to resolve the issue.
For versions prior to 1.17.13, consider updating to version 1.17.13 or later to resolve the issue.
As a temporary workaround, consider reducing the logging level to below 4 to minimize the risk of sensitive information being written to logs.
Fix
Insertion into Log File
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Alt Linux
Ceph Rbd
Kubernetes
Suse