Kubernetes Vulnerability Hits Top of Severity Scale

The security issue strikes at some of the basic reasons for the rising popularity of containers as an architecture and Kubernetes as an orchestration mechanism.

The first major security vulnerability – 9.8 out of a possible 10 – in Kubernetes was disclosed earlier this week.

The vulnerability (CVE-2018-1002105) allows privilege escalation and can be exploited by both authorized and unauthorized users. For authorized users with “attach,” “exec,” or “portforward” privileges, escalating those to admin privileges that allow any process to be executed is trivial.

And for anyone at all, an API used in three specific modules will allow a query that returns values that can be used to raise privileges to admin level for any API deployed on the container cluster.

Fortunately for Kubernetes users, two fixes are available for the vulnerability. The first is to update any deployed Kubernetes instances to version 1.10.11, 1.11.5, 1.12.3 or 1.13.0-rc1, each of which has been patched to remediate the vulnerability. Major cloud service providers have also announced that they have patched their instances, and it is a fair question to put to any Kubernetes provider.
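A version check built from the patched releases listed above, as an added example that is not from the original article. The function names and the sample inventory are constructed, and treating release lines after 1.13 as fixed is an assumption.

```python
import re

# Patched releases named in the article, keyed by (major, minor) release line.
PATCHED = {(1, 10): "1.10.11", (1, 11): "1.11.5",
           (1, 12): "1.12.3", (1, 13): "1.13.0-rc1"}

# Accepts "v1.11.3", "1.13.0-rc1", "v1.13.0-rc.1" and vendor builds such as
# "v1.11.3-gke.18"; a vendor suffix is ignored, so the build is judged by its
# upstream version only (conservative if the vendor backported the fix).
_VERSION = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)(?:-(alpha|beta|rc)\.?(\d+))?")
_STAGE = {"alpha": 0, "beta": 1, "rc": 2}
_FINAL = (3, 0)  # a release without a pre-release tag sorts after any rc


def parse(version):
    """Return ((major, minor, patch), (stage, n)) for a version string."""
    m = _VERSION.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised version: {version!r}")
    core = tuple(int(x) for x in m.group(1, 2, 3))
    pre = (_STAGE[m.group(4)], int(m.group(5) or 0)) if m.group(4) else _FINAL
    return core, pre


def status(version):
    """Classify a version as 'patched', 'vulnerable' or 'no-fix-listed'."""
    core, pre = parse(version)
    line = core[:2]
    if line > max(PATCHED):
        return "patched"        # assumption: lines after 1.13 carry the fix
    if line not in PATCHED:
        return "no-fix-listed"  # older line: the article names no patched release
    return "patched" if (core, pre) >= parse(PATCHED[line]) else "vulnerable"


# Constructed sample inventory: cluster name -> reported API server version.
SAMPLE = {"prod-a": "v1.10.11", "prod-b": "v1.11.3-gke.18",
          "stage": "v1.13.0-beta.2", "legacy": "v1.9.6", "dev": "v1.12.3"}


def audit(inventory):
    """Return {cluster: status} for every cluster not on a patched release."""
    found = {name: status(v) for name, v in inventory.items()}
    return {name: s for name, s in found.items() if s != "patched"}


if __name__ == "__main__":
    for name, s in sorted(audit(SAMPLE).items()):
        print(f"{name}: {SAMPLE[name]} -> {s}")
```
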

Read more: Dark Reading 
