Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2021-25736
PUBLISHED
More InfoOfficial Page
Assigner-kubernetes
Assigner Org ID-a6081bf6-c852-4425-ad4f-a67919267565
View Known Exploited Vulnerability (KEV) details
Published At-30 Oct, 2023 | 02:19
Updated At-12 Jun, 2025 | 14:42
Rejected At-
▼CVE Numbering Authority (CNA)
Windows kube-proxy LoadBalancer contention

Kube-proxy on Windows can unintentionally forward traffic to local processes listening on the same port (“spec.ports[*].port”) as a LoadBalancer Service when the LoadBalancer controller does not set the “status.loadBalancer.ingress[].ip” field. Clusters where the LoadBalancer controller sets the “status.loadBalancer.ingress[].ip” field are unaffected.

Affected Products
Vendor
KubernetesKubernetes
Product
Kubernetes
Repo
https://github.com/kubernetes/kubernetes
Modules
  • Kube-Proxy
Platforms
  • Windows
Default Status
unaffected
Versions
Affected
  • From 0 through v1.20.5 (v1.20.5)
Metrics
VersionBase scoreBase severityVector
3.15.8MEDIUM
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N
Version: 3.1
Base score: 5.8
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

This issue has been fixed in the following versions: * v1.21.0 * v1.20.6 * v1.19.10 * v1.18.18

Configurations
Workarounds
Exploits
Credits
finder
Eric Paris
finder
Christian Hernandez
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/kubernetes/kubernetes/pull/99958
N/A
https://groups.google.com/g/kubernetes-security-announce/c/lIoOPObO51Q/m/O15LOazPAgAJ
N/A
https://security.netapp.com/advisory/ntap-20231221-0003/
N/A
Hyperlink: https://github.com/kubernetes/kubernetes/pull/99958
Resource: N/A
Hyperlink: https://groups.google.com/g/kubernetes-security-announce/c/lIoOPObO51Q/m/O15LOazPAgAJ
Resource: N/A
Hyperlink: https://security.netapp.com/advisory/ntap-20231221-0003/
Resource: N/A
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/kubernetes/kubernetes/pull/99958
x_transferred
https://groups.google.com/g/kubernetes-security-announce/c/lIoOPObO51Q/m/O15LOazPAgAJ
x_transferred
https://security.netapp.com/advisory/ntap-20231221-0003/
x_transferred
Hyperlink: https://github.com/kubernetes/kubernetes/pull/99958
Resource:
x_transferred
Hyperlink: https://groups.google.com/g/kubernetes-security-announce/c/lIoOPObO51Q/m/O15LOazPAgAJ
Resource:
x_transferred
Hyperlink: https://security.netapp.com/advisory/ntap-20231221-0003/
Resource:
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Problem Types
TypeCWE IDDescription
CWECWE-114CWE-114 Process Control
Type: CWE
CWE ID: CWE-114
Description: CWE-114 Process Control
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Details not found