{"vulnerability": "CVE-2021-25735", "sightings": [{"uuid": "56f74c2e-716d-455c-b4dc-a8820b68f632", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-25735", "type": "seen", "source": "https://t.me/k8security/265", "content": "CVE-2021-25735: Validating Admission Webhook does not observe some previous fields\n\n\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u043e\u0441\u0442\u0438 Medium (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H)\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0430\u0445\u043e\u0434\u0438\u0442\u0441\u044f \u0432 kube-apiserver \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u0440\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0438 Node \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0435\u043c\u0443 \u043e\u0431\u043e\u0439\u0442\u0438 Validating Admission Webhook\n\n\u041f\u043e\u0434 \u0432\u043b\u0438\u044f\u043d\u0438\u0435\u043c \u0442\u043e\u043b\u044c\u043a\u043e \u0441\u0442\u043e\u0440\u043e\u043d\u043d\u0438\u0435 validating admission plugins, \u0432\u0441\u0442\u0440\u043e\u0435\u043d\u043d\u044b\u0439 NodeRestriction \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u043a\u0430\u043a \u043f\u043e\u043b\u0430\u0433\u0430\u0435\u0442\u0441\u044f.", "creation_timestamp": "2021-04-15T05:41:02.000000Z"}, {"uuid": "09ccc5f2-ba3d-493e-b2ec-2e0fb0af4297", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-25735", "type": "seen", "source": "https://t.me/pwnwiki_zhchannel/490", "content": "CVE-2021-25735 Kubernetes \u51c6\u5165\u6a5f\u5236\u7e5e\u904e\u6f0f\u6d1e\nhttps://www.pwnwiki.org/index.php?title=CVE-2021-25735_Kubernetes_%E5%87%86%E5%85%A5%E6%A9%9F%E5%88%B6%E7%B9%9E%E9%81%8E%E6%BC%8F%E6%B4%9E", "creation_timestamp": "2021-05-22T02:30:17.000000Z"}, {"uuid": "04137799-c799-45e0-a2d4-6030497716ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-25735", "type": "seen", "source": "https://t.me/cibsecurity/28290", "content": "\u203c CVE-2021-25735 \u203c\n\nA security issue was discovered in kube-apiserver that could allow node updates to bypass a Validating Admission Webhook. Clusters are only affected by this vulnerability if they run a Validating Admission Webhook for Nodes that denies admission based at least partially on the old state of the Node object. Validating Admission Webhook does not observe some previous fields.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-06T16:40:34.000000Z"}, {"uuid": "e79acdc1-7497-4bc7-9776-9ac69e3bb4e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-25735", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/3203", "content": "#exploit\nCVE-2021-25735: \nKubernetes Validating Admission Webhook Bypass (PoC)\nhttps://github.com/darryk10/CVE-2021-25735", "creation_timestamp": "2021-04-27T05:17:14.000000Z"}]}