topic Preventing Kubernetes Man-in-the-Middle Attacks in Cloud Security https://community.isc2.org/t5/Cloud-Security/Preventing-Kubernetes-Man-in-the-Middle-Attacks/m-p/41957#M52 <P>On December 7th, 2020 the Kubernetes Product Security Committee disclosed a <A href="https://discuss.kubernetes.io/t/security-advisory-cve-2020-8554-man-in-the-middle-using-loadbalancer-or-externalips/14003" target="_blank" rel="noopener">security issue</A>&nbsp;that affects <STRONG>every multi-tenant Kubernetes cluster.</STRONG></P><P>&nbsp;</P><P>If an attacker can create or edit services and pods, then they can also intercept traffic from other pods in the cluster. This issue has been rated medium severity (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L 2), and assigned <STRONG>CVE-2020-8554</STRONG>. Notably, <STRONG>NO PATCH</STRONG> is available.</P><P>&nbsp;</P><P>Protecting Kubernetes clusters pretty much sums up my December. Here are some <A href="https://sysdig.com/blog/detect-cve-2020-8554-using-falco/" target="_blank" rel="noopener">tips</A> using my favorite tools for detection. Stay safe and have fun protecting your Cloud!</P> Mon, 09 Oct 2023 09:44:13 GMT AppDefects 2023-10-09T09:44:13Z Preventing Kubernetes Man-in-the-Middle Attacks https://community.isc2.org/t5/Cloud-Security/Preventing-Kubernetes-Man-in-the-Middle-Attacks/m-p/41957#M52 <P>On December 7th, 2020 the Kubernetes Product Security Committee disclosed a <A href="https://discuss.kubernetes.io/t/security-advisory-cve-2020-8554-man-in-the-middle-using-loadbalancer-or-externalips/14003" target="_blank" rel="noopener">security issue</A>&nbsp;that affects <STRONG>every multi-tenant Kubernetes cluster.</STRONG></P><P>&nbsp;</P><P>If an attacker can create or edit services and pods, then they can also intercept traffic from other pods in the cluster. This issue has been rated medium severity (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L 2), and assigned <STRONG>CVE-2020-8554</STRONG>. Notably, <STRONG>NO PATCH</STRONG> is available.</P><P>&nbsp;</P><P>Protecting Kubernetes clusters pretty much sums up my December. Here are some <A href="https://sysdig.com/blog/detect-cve-2020-8554-using-falco/" target="_blank" rel="noopener">tips</A> using my favorite tools for detection. Stay safe and have fun protecting your Cloud!</P> Mon, 09 Oct 2023 09:44:13 GMT https://community.isc2.org/t5/Cloud-Security/Preventing-Kubernetes-Man-in-the-Middle-Attacks/m-p/41957#M52 AppDefects 2023-10-09T09:44:13Z