The Kubernetes Product Security Committee has provided advice on how to temporarily block attackers from exploiting a vulnerability that lets them intercept traffic from other pods in multi-tenant Kubernetes clusters in man-in-the-middle (MiTM) attacks.
Kubernetes (also known as K8s), originally developed by Google and now maintained by the Cloud Native Computing Foundation, is an open-source system designed to help automate the deployment, scaling, and management of workloads, services, and applications, facilitating both configuration and automation.
Affected services are not widely deployed
The medium-severity issue, tracked as CVE-2020-8554, was reported by Anevia's Etienne Champetier.
It can be exploited remotely by attackers with basic tenant privileges (such as the ability to create or edit services and pods), without user interaction, in low-complexity attacks.
CVE-2020-8554 is a design flaw that affects all versions of Kubernetes; multi-tenant clusters that allow tenants to create and update services and pods are the most exposed to attacks.
Fortunately, the vulnerability should affect only a small number of Kubernetes deployments, as external IP services are not used extensively in multi-tenant clusters.
How to block CVE-2020-8554 exploits
Because the Kubernetes development team has not yet provided a security update to address this issue, administrators are advised to mitigate CVE-2020-8554 by restricting access to the vulnerable features.
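One way to restrict the vulnerable feature is to reject Service objects that declare externalIPs an administrator has not approved, since kube-proxy routes cluster traffic destined for those addresses to the Service's endpoints. The following is an added example, not code from the advisory, the Kubernetes project, or the article's source: it implements the decision logic of a validating admission webhook over the admission.k8s.io/v1 AdmissionReview shape. The allowlist, the sample request, and the hypothetical names check_service and review are assumptions constructed for this illustration; the surrounding HTTPS server and webhook registration are not shown.

```python
"""Validating admission logic that restricts use of Service.spec.externalIPs.

Added example (not from the advisory or the Kubernetes project). The
AdmissionReview layout follows the admission.k8s.io/v1 API; the allowlist
and the sample request below are constructed for this illustration.
"""
import json
from typing import Iterable

# Assumed cluster policy: only addresses an administrator has explicitly
# approved may be used as externalIPs. An empty allowlist means no tenant
# may set externalIPs at all. The value here is a constructed TEST-NET-3 address.
ALLOWED_EXTERNAL_IPS: frozenset = frozenset({"203.0.113.10"})


def check_service(service: dict, allowed: Iterable[str] = ALLOWED_EXTERNAL_IPS) -> tuple:
    """Return (allowed, message) for a Service object.

    The object is rejected when it declares any externalIPs outside the
    allowlist. Objects of other kinds are passed through unchanged.
    """
    if service.get("kind") != "Service":
        return True, "not a Service; nothing to check"
    external_ips = service.get("spec", {}).get("externalIPs") or []
    offending = sorted(set(external_ips) - set(allowed))
    if offending:
        return False, "externalIPs not permitted by policy: " + ", ".join(offending)
    return True, "ok"


def review(admission_review: dict) -> dict:
    """Build the AdmissionReview response for a CREATE or UPDATE of a Service.

    On UPDATE the API server sends the object as it would look after the
    change, so a tenant adding externalIPs to an existing Service is caught
    the same way as one creating a new Service with them.
    """
    request = admission_review["request"]
    obj = request.get("object") or {}
    allowed, message = check_service(obj)
    return {
        "apiVersion": "admission.k8s.io/v1",
        "kind": "AdmissionReview",
        "response": {
            "uid": request["uid"],
            "allowed": allowed,
            "status": {"code": 200 if allowed else 403, "message": message},
        },
    }


# Constructed sample: a tenant tries to claim an address that is not on the
# allowlist as an externalIP of its own Service.
SAMPLE_REQUEST = {
    "apiVersion": "admission.k8s.io/v1",
    "kind": "AdmissionReview",
    "request": {
        "uid": "00000000-0000-0000-0000-000000000001",
        "operation": "CREATE",
        "object": {
            "apiVersion": "v1",
            "kind": "Service",
            "metadata": {"name": "intercept", "namespace": "tenant-a"},
            "spec": {
                "selector": {"app": "tenant-a-proxy"},
                "ports": [{"port": 443, "targetPort": 8443}],
                "externalIPs": ["198.51.100.7"],  # constructed, not allowlisted
            },
        },
    },
}

if __name__ == "__main__":
    print(json.dumps(review(SAMPLE_REQUEST), indent=2))
```

The same check can be run offline as an audit: feed each existing Service from the cluster's object store through check_service and review any that fail, since a policy added after the fact does not retroactively remove externalIPs that tenants set earlier.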
Source: bleepingcomputer.com