CVE-2020-8558

Name: CVE-2020-8558
Creator: NVD / NIST
Published: 2020-07-27T20:15:12.413+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

HIGHCVSS 8.8/10EPSS 3.60%

Last modified Jun 17, 2026

CVE-2020-8558 is a high-severity vulnerability rated 8.8/10 on the CVSS scale. The Kubelet and kube-proxy components in versions 1.1.0-1.16.10, 1.17.0-1.17.6, and 1.18.0-1.18.3 were found to contain a security issue which allows adjacent hosts to reach TCP and UDP services bound to 127.0.0.1 running on the node or in the node's network namespace. Such a service is generally thought to be reachable only by other processes on the same host, but due to this defeect, could be reachable by other hosts on the same LAN as the node, or by containers running on the same node as the service.. EPSS estimates a 3.60% chance of exploitation in the next 30 days.

Description

The Kubelet and kube-proxy components in versions 1.1.0-1.16.10, 1.17.0-1.17.6, and 1.18.0-1.18.3 were found to contain a security issue which allows adjacent hosts to reach TCP and UDP services bound to 127.0.0.1 running on the node or in the node's network namespace. Such a service is generally thought to be reachable only by other processes on the same host, but due to this defeect, could be reachable by other hosts on the same LAN as the node, or by containers running on the same node as the service.

Metrics

CVSS 3.1

8.8/10

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Probability

3.60%

88.0th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-420

Affected Software

Vendor	Product	Versions
Kubernetes	Kubernetes	>= 1.1.0, <= 1.16.10
Kubernetes	Kubernetes	>= 1.17.0, <= 1.17.6
Kubernetes	Kubernetes	>= 1.18.0, <= 1.18.3

References

https://github.com/kubernetes/kubernetes/issues/92315Exploit, Mitigation, Patch, Third Party Advisory
https://groups.google.com/g/kubernetes-announce/c/sI4KmlH3S2I/m/TljjxOBvBQAJExploit, Mailing List, Mitigation, Third Party Advisory
https://security.netapp.com/advisory/ntap-20200821-0001/Third Party Advisory
https://github.com/kubernetes/kubernetes/issues/92315Exploit, Mitigation, Patch, Third Party Advisory
https://groups.google.com/g/kubernetes-announce/c/sI4KmlH3S2I/m/TljjxOBvBQAJExploit, Mailing List, Mitigation, Third Party Advisory
https://security.netapp.com/advisory/ntap-20200821-0001/Third Party Advisory

Timeline

Published: Jul 27, 2020
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2020-8558?

How severe is CVE-2020-8558?

CVE-2020-8558 has a CVSS score of 8.8/10 (HIGH severity). The EPSS model estimates a 3.60% probability of exploitation in the next 30 days.

How do I fix CVE-2020-8558?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2020-8558?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST