[email protected] – Kubernetes: Server Side Request Forgery via kube-controller-manager, analyzed on 02/06/2020

CERT-LatestNews ThreatsCybercrime VulnerabilitiesAll VulnerabilitiesDBMS
The [email protected] team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.Synthesis of the vulnerability An attacker can trigger a Server Side Request Forgery via kube-controller-manager of Kubernetes, in order to force the victim to perform operations.