Kubernetes.API.Server.Remote.Privilege.Escalation
Description
This indicates an attack attempt to exploit an Elevation of Privilege vulnerability in Kubernetes.
The vulnerability is due to incorrect handling of error responses to proxied upgrade requests in the kube-apiserver. A remote attacker may be able to exploit this to elevate their privileges, via a crafted HTTP request.
Affected Products
Kubernetes Kubernetes 1.12.2
Kubernetes Kubernetes 1.12.1
Kubernetes Kubernetes 1.12
Kubernetes Kubernetes 1.11.4
Kubernetes Kubernetes 1.11.3
Kubernetes Kubernetes 1.11.2
Kubernetes Kubernetes 1.11.1
Kubernetes Kubernetes 1.11
Kubernetes Kubernetes 1.10.10
Kubernetes Kubernetes 1.10.9
Kubernetes Kubernetes 1.10.8
Kubernetes Kubernetes 1.10.7
Kubernetes Kubernetes 1.10.6
Kubernetes Kubernetes 1.10.5
Kubernetes Kubernetes 1.10.4
Kubernetes Kubernetes 1.10.3
Kubernetes Kubernetes 1.10.2
Kubernetes Kubernetes 1.10.1
Kubernetes Kubernetes 1.10
Kubernetes Kubernetes 1.9
Kubernetes Kubernetes 1.0
Impact
Privilege Escalation: Remote attackers can leverage their privileges on vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://github.com/kubernetes/kubernetes/issues/71411
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |