Kubernetes Vulnerability Puts Clusters at Risk of Takeover (CVE-2020-8558)

CERT-LatestNews ThreatsCybercrime Uncategorized VulnerabilitiesAll VulnerabilitiesApplications VulnerabilitiesCrypto VulnerabilitiesGoogle VulnerabilitiesLinux VulnerabilitiesMicrosoft VulnerabilitiesNetwork VulnerabilitiesOS

Executive Summary. A security issue assigned CVE-2020-8558 was recently discovered in the kube-proxy, a networking component running on Kubernetes nodes. The issue exposed internal services of Kubernetes nodes, often run without authentication. On certain Kubernetes deployments, this could have….