Description

CNCF K3s 1.32 before 1.32.4-rc1+k3s1 has a Kubernetes kubelet configuration change with the unintended consequence that, in some situations, ReadOnlyPort is set to 10255. For example, the default behavior of a K3s online installation might allow unauthenticated access to this port, exposing credentials.

INFO

Published Date :

2025-04-25T00:00:00.000Z

Last Modified :

2025-04-25T14:28:05.811Z

Source :

mitre
AFFECTED PRODUCTS

The following products are affected by CVE-2025-46599 vulnerability.

Vendors Products
K3s
  • K3s
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-46599.

URL Resource
https://cloud.google.com/kubernetes-engine/docs/how-to/disable-kubelet-readonly-port cve-icon cve-icon
https://github.com/f1veT/BUG/issues/2 cve-icon cve-icon
https://github.com/k3s-io/k3s/commit/097b63e588e3c844cdf9b967bcd0a69f4fc0aa0a cve-icon cve-icon
https://github.com/k3s-io/k3s/compare/v1.32.3+k3s1...v1.32.4-rc1+k3s1 cve-icon cve-icon
https://github.com/k3s-io/k3s/issues/12164 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact