CVE • Published 2021-01-21 • Modified 2026-06-01 • 1 article on news • 7 live references • NVD data
CVE-2020-8554
Kubernetes · Kubernetes
Vulnerability data via NVD (ingested)
CVSS v3.1: 6.3 MEDIUM
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
EPSS percentile: 96
Exploit Prediction Scoring System · top 4% of all CVEs
Weaknesses (CWE)
Description
The Kubernetes API server in all versions allows an attacker who is able to create a ClusterIP service and set the spec.externalIPs field to intercept traffic to that IP address. Additionally, an attacker who is able to patch the status (which is considered a privileged operation and should not typically be granted to users) of a LoadBalancer service can set the status.loadBalancer.ingress.ip to similar effect.
Timeline
Published 2021-01-21
Modified 2026-06-01
External references
Search for exposed instances
Shodan + Censys queries derived from NVD's CPE data. The vuln tag catches assets Shodan has explicitly linked to this CVE; the product / banner fingerprints find exposed instances even when the vuln tag was never applied (which is common).
Shodan · vuln tag · 0 hosts
vuln:CVE-2020-8554
Hosts Shodan has explicitly fingerprinted as vulnerable.
Shodan · product
product:"Kubernetes Kubernetes"
All exposed Kubernetes Kubernetes instances — cross-reference with the CVE's affected-version range.
Shodan · banner/body mention
http.html:"Kubernetes"
HTTP body or banner mentions "Kubernetes" — catches deploys Shodan didn't identify as a product.
More intel sources (5)
Shodan report
vuln:CVE-2020-8554
Country / ASN / product breakdown for the vuln query.
Censys
vulnerabilities.cve_id: CVE-2020-8554
Censys host search filtered to this CVE id.
grep.app
CVE-2020-8554
Public source-code mentions — fast PoC discovery.
GitHub code
CVE-2020-8554
GitHub code search for direct mentions.
Google dork
"CVE-2020-8554" exploit -site:nvd.nist.gov
Write-ups and news, NVD excluded.
Known PoCs on GitHub (8)
CVE-2020-8554 · 8 repos
cdk-team/CDK · Go
📦 Make security testing of K8s, Docker, and Containerd easier.
neargle/re0-kubernetes-sec-archive · Shell
:atom: [WIP] A collection of my past talks and write-ups on K8s, containers, and virtualization 🧐
Metarget/metarget · Python
Metarget is a framework providing automatic constructions of vulnerable infrastructures.
SexyBeast233/SecBooks · HTML
A free-for-all collection of security document libraries from various sources
aflnet/aflnet · C
AFLNet: A Greybox Fuzzer for Network Protocols (https://thuanpv.github.io/publications/AFLNet_ICST20.pdf)
kubemod/kubemod · Go
Universal Kubernetes mutating operator
MY0723/FLUX-Webscan · unknown
FLUX is a professional web security scanning tool with features including JS sensitive-information collection, API endpoint extraction, API documentation parsing, page crawling, subdomain discovery, vulnerability testing, WAF detection and bypass, and JS code analysis.
PhilipSchmid/k8s-home-lab · unknown
Setup for a K8s home lab running on a single host (e.g. Intel NUC)