In Kubernetes, if the logging level is set to at least 9, authorization and bearer tokens will be written to log files. This can occur both in API server logs and client tool output like kubectl. This affects <= v1.19.3, <= v1.18.10, <= v1.17.13, < v1.20.0-alpha2.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: kubernetes

Published: 2020-12-07T22:00:19.374983Z

Updated: 2024-09-17T00:05:58.669Z

Reserved: 2020-02-03T00:00:00

Link: CVE-2020-8565

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2020-12-07T22:15:21.400

Modified: 2024-11-21T05:39:02.543

Link: CVE-2020-8565

cve-icon Redhat

Severity : Moderate

Publid Date: 2020-10-14T00:00:00Z

Links: CVE-2020-8565 - Bugzilla