
Posts under Kubernetes Vulnerability

How to Remediate Kubernetes Security Vulnerability: CVE-2019-11247

A new Kubernetes security vulnerability was announced today, along with patch releases that fix the issue in Kubernetes versions 1.13, 1.14, and 1.15. CVE-2019-11247 discloses a serious vulnerability in the K8s API that could allow users to read, modify or delete cluster-wide custom resources, even if they only have RBAC permissions for namespaced resources. If your clusters aren’t using Custom Resource Definitions (CRDs), you aren’t affected. But CRDs have become a critical component of many Kubernetes-native projects like Istio, so many users are impacted.

New Kubernetes Security Vulnerabilities Disclosed: CVE-2019-1002101 and CVE-2019-9946

Two Kubernetes security vulnerabilities were disclosed yesterday: CVE-2019-1002101, a high severity issue, and CVE-2019-9946, a medium severity issue. Read on for a description of the vulnerabilities and their impact, how to know whether you’re affected, and what the remediation steps are.

CVE-2019-1002101: kubectl cp could replace or delete files on a user machine

This vulnerability is in the kubectl binary – specifically, in the kubectl cp command. An attacker can exploit this vulnerability to write files to any path on the user’s machine, limited only by the system permissions of the local user.