Cve-2020-8558 !!top!! Review

: Connection refused. With CVE-2020-8558 : Metrics returned. 6. Mitigation & Patching 6.1 Official Fix Kubernetes v1.18.3+ adds explicit iptables rules to drop packets arriving on non-loopback interfaces destined for 127.0.0.0/8 unless specifically allowed.

Example rule added:

Negligible if fully updated, but legacy clusters remain exposed. Document version 1.0 – Security Research cve-2020-8558

This vulnerability was and assigned a CVSS v3 score of 5.9 (Medium) – later upgraded by some vendors to 7.5 due to practical exploitability in shared cluster environments. 2. Technical Root Cause 2.1 The route_localnet Setting Linux kernel parameter: : Connection refused