Westan Cyber Risk Solutions

If you use Kubernetes for container orchestration you must patch immediately.

“With a specially crafted network request, any user can establish a connection through the Kubernetes application programming interface (API) server to a backend server. Once established, an attacker can send arbitrary requests over the network connection directly to that backend. Adding insult to injury, these requests are authenticated with the Kubernetes API server’s Transport Layer Security (TLS) credentials.

Worse still, “In default configurations, all users (authenticated and unauthenticated) are allowed to perform discovery API calls that allow this escalation.” So, yes, anyone who knows about this hole can take command of your Kubernetes cluster.”
https://ift.tt/2rjVhx7
from Facebook https://ift.tt/2rjVhx7
via IFTTT

~ by Nick on December 3, 2018.

2 Responses to “Westan Cyber Risk Solutions”

  1. new balance

    nike corteznike air max sequentbabyadidas nmd r1

  2. womens fly softshell run jacket

    top winter warm new women long sweater turtle neck dresses slim casual knits sexy slits plus size sweater dressespre owned at therealreal herve leger mid rise wide leg pantsoff shoulder lace long bridesmaid maxi prom dress for wedding cps199evisu imita…

Comments are closed.