Vulnerabilities > CVE-2021-25735 - Unspecified vulnerability in Kubernetes
Attack vector
NETWORK Attack complexity
LOW Privileges required
HIGH Confidentiality impact
NONE Integrity impact
HIGH Availability impact
HIGH Summary
A security issue was discovered in kube-apiserver that could allow node updates to bypass a Validating Admission Webhook. Clusters are only affected by this vulnerability if they run a Validating Admission Webhook for Nodes that denies admission based at least partially on the old state of the Node object. Validating Admission Webhook does not observe some previous fields.