CVE-2025-13281: Portworx Half-Blind SSRF in kube-controller-manager

Overview

Severity

Medium (CVSS 5.8)

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N

Exploit Status

Not Exploited

Patch Tuesday

2025-Dec

Released

2025-12-16

Last Updated

2026-01-08

EPSS Score

0.01% (percentile: 1.9%)

Affected Products (4)

Other

• 20794-17084
• 20713-17084
• 20364-17086
• 20769-17086

Revision History

• 2025-12-16: Information published.
• 2025-12-30: Information published.
• 2025-12-30: Information published.
• 2026-01-02: Information published.
• 2026-01-08: Information published.