Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
AppDefects
Community Champion
‎12-27-2020 07:14 PM
‎12-27-2020 07:14 PM

Preventing Kubernetes Man-in-the-Middle Attacks

On December 7th, 2020 the Kubernetes Product Security Committee disclosed a security issue that affects every multi-tenant Kubernetes cluster.

 

If an attacker can create or edit services and pods, then they can also intercept traffic from other pods in the cluster. This issue has been rated medium severity (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L 2), and assigned CVE-2020-8554. Notably, NO PATCH is available.

 

Protecting Kubernetes clusters pretty much sums up my December. Here are some tips using my favorite tools for detection. Stay safe and have fun protecting your Cloud!

Reply
0 Replies