On December 7th, 2020 the Kubernetes Product Security Committee disclosed a security issue that affects every multi-tenant Kubernetes cluster.
If an attacker can create or edit services and pods, then they can also intercept traffic from other pods in the cluster. This issue has been rated medium severity (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L 2), and assigned CVE-2020-8554. Notably, NO PATCH is available.
Protecting Kubernetes clusters pretty much sums up my December. Here are some tips using my favorite tools for detection. Stay safe and have fun protecting your Cloud!