CVE-2025-9708
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-16

Last updated on: 2025-11-04

Assigner: Kubernetes

Description
A vulnerability exists in the Kubernetes C# client where the certificate validation logic accepts properly constructed certificates from any Certificate Authority (CA) without properly verifying the trust chain. This flaw allows a malicious actor to present a forged certificate and potentially intercept or manipulate communication with the Kubernetes API server, leading to possible man-in-the-middle attacks and API impersonation.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-16
Last Modified
2025-11-04
Generated
2026-05-07
AI Q&A
2025-09-17
EPSS Evaluated
2026-05-05
NVD
CVE-2025-9708
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
kubernetes c%23_client 17.0.14
kubernetes c%23_client *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-295 The product does not validate, or incorrectly validates, a certificate.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability in the Kubernetes C# client involves improper certificate validation. The client accepts certificates from any Certificate Authority without properly verifying the trust chain, allowing attackers to use forged certificates to intercept or manipulate communication with the Kubernetes API server, potentially enabling man-in-the-middle attacks and API impersonation.


How can this vulnerability impact me? :

The vulnerability can allow a malicious actor to intercept or manipulate communication with the Kubernetes API server, leading to man-in-the-middle attacks and impersonation of the API. This can compromise the integrity and confidentiality of data and operations within the Kubernetes environment.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart