Security Boulevard
Critical Vulnerability Uncovered In Kubernetes

by Ben Layer on December 4, 2018

The first major security flaw has been uncovered in Kubernetes, the popular container orchestration system developed by Google. The vulnerability, identified as CVE-2018-1002105, carries a critical CVSS v3 score of 9.8 owing to its low attack complexity, the fact that no special privileges are required, and its network attack vector.


The vulnerability is triggered when specially crafted requests allow a user to establish a connection through the Kubernetes API server to a backend server. Attackers can then use this established channel to send arbitrary requests to that backend.

In default configurations, any user, even an unauthenticated one, is able to make the requests needed to exploit this vulnerability, which greatly increases the likelihood of mass exploitation.

To further compound the issue, no internal method of detecting exploitation of this vulnerability exists. Since the unauthorized malicious requests travel over a valid, trusted connection, they do not appear in the Kubernetes API server audit log. Monitoring tools that detect unauthorized changes can help indicate compromise and are highly beneficial in cases such as this.

Users of hosted Kubernetes solutions should find out whether their provider has applied patches. Both Microsoft Azure Kubernetes Service (AKS) and Google Kubernetes Engine (GKE) have been upgraded to non-vulnerable versions; other providers may still be working on fixing the issue.

For users running their own Kubernetes systems, fixes for this vulnerability exist in versions 1.10.11, 1.11.5, 1.12.3 and 1.13.0-rc1. Users can and should obtain patches from the open source release artifacts or their software vendors.

Mitigations for CVE-2018-1002105 include disabling anonymous requests and suspending use of aggregated API servers, both of which will likely be disruptive in any operating environment.
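The version check and the two mitigation conditions above can be turned into a quick offline triage, shown here as an added example that is neither the post's nor the Kubernetes project's code. It assumes the cluster version string and the kube-apiserver arguments were collected separately, that minor lines newer than 1.13 contain the fix, and it uses constructed sample input in place of real cluster output.

```python
# Added example (not the post's or the Kubernetes project's code): offline triage
# for CVE-2018-1002105 using the fixed releases and mitigations the post names.
import json
import re

PRE_RANK = {"alpha": 0, "beta": 1, "rc": 2}  # pre-releases sort before a final (rank 3)
VERSION_RE = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)(?:-(alpha|beta|rc)\.?(\d+))?")

def parse_version(v):
    """'v1.12.2', '1.13.0-rc1' or 'v1.11.5-gke.5' -> comparable tuple."""
    m = VERSION_RE.match(v.strip())
    if not m:
        raise ValueError("unrecognised version: %s" % v)
    major, minor, patch, pre, num = m.groups()
    return (int(major), int(minor), int(patch), PRE_RANK.get(pre, 3), int(num or 0))
# Fixed releases from the post, keyed by (major, minor) line.
FIXED = {v[:2]: v for v in map(parse_version, ["1.10.11", "1.11.5", "1.12.3", "1.13.0-rc1"])}

def is_vulnerable(version):
    """True when the version predates the fix for its minor line.
    Assumption: minor lines newer than 1.13 branched after the fix; lines older than 1.10 got none."""
    v = parse_version(version)
    if v[:2] > (1, 13):
        return False
    fixed = FIXED.get(v[:2])
    return fixed is None or v < fixed

def anonymous_auth_enabled(apiserver_args):
    """kube-apiserver defaults --anonymous-auth to true; only an explicit false disables it."""
    for arg in apiserver_args:
        if arg.startswith("--anonymous-auth"):
            return "=" not in arg or arg.split("=", 1)[1].strip().lower() != "false"
    return True

def aggregated_apiservices(apiservices_json):
    """Names of APIService objects served by an aggregated API server (spec.service set),
    from `kubectl get apiservices -o json`; built-in API groups have no spec.service."""
    items = json.loads(apiservices_json)["items"]
    return [i["metadata"]["name"] for i in items if i.get("spec", {}).get("service")]

def triage(version, apiserver_args, apiservices_json):
    return {"vulnerable_version": is_vulnerable(version),
            "anonymous_auth": anonymous_auth_enabled(apiserver_args),
            "aggregated_apis": aggregated_apiservices(apiservices_json)}
# Constructed sample input standing in for real cluster output.
SAMPLE_ARGS = ["kube-apiserver", "--authorization-mode=RBAC", "--anonymous-auth=true"]
SAMPLE_APISERVICES = json.dumps({"items": [
    {"metadata": {"name": "v1."}, "spec": {"group": "", "service": None}},
    {"metadata": {"name": "v1beta1.metrics.k8s.io"}, "spec": {"group": "metrics.k8s.io",
     "service": {"name": "metrics-server", "namespace": "kube-system"}}}]})
```

Any non-empty `aggregated_apis` list or a `True` in the other two fields is a finding to act on; the sample input reports all three.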

Updating to a non-vulnerable version as soon as possible is highly encouraged.

*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Ben Layer. Read the original post at: https://www.tripwire.com/state-of-security/security-data-protection/cyber-security/critical-vulnerability-uncovered-in-kubernetes/
