Kubernetes.Dashboard.Auth.Bypass.Information.Disclosure
Description
This indicates an attack attempt to exploit an information disclosure vulnerability in Kubernetes Dashboard.
A remote attacker can exploit this vulnerability through a crafted HTTP GET request. Successful exploitation allows access to the TLS certificate and private key of a Kubernetes Dashboard application
Affected Products
Kubernetes Dashboard prior to 1.10.1
Impact
Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.
Recommended Actions
Refer to the vendor supplied advisory:
https://github.com/kubernetes/dashboard/pull/3289
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |