Active Kubernetes RCE Attack Relies on Known OpenMetadata Vulns

April 17, 2024 at 03:31PM

OpenMetadata’s open source metadata repository has been actively exploited since April, allowing threat actors to execute cyberattacks against unpatched Kubernetes clusters. Researchers identified five vulnerabilities affecting versions preceding v1.3.1. Cybercriminals are leveraging these vulnerabilities for cryptocurrency mining and may engage in further malicious activities. OpenMetadata administrators are urged to update and implement strong authentication.

The key takeaways are:

1. OpenMetadata’s open source metadata repository has been actively exploited since April, allowing threat actors to launch remote code execution cyberattacks against unpatched Kubernetes clusters.
2. Researchers have identified five new vulnerabilities (CVE-2024-28255, CVE-2024-28847, CVE-2024-28253, CVE-2024-28848, CVE-2024-28254) affecting OpenMetadata versions preceding v1.3.1.
3. Cybercriminals have exploited vulnerable Kubernetes environments for cryptocurrency mining, highlighting the importance of addressing these vulnerabilities promptly.
4. Microsoft researcher Yossi Weizman warns that once attackers have control over a workload in the cluster, they can engage in lateral movement and malicious activities within and outside the cluster.
5. OpenMetadata administrators are advised to update, use strong authentication, and reset any default credentials in use to mitigate the risks associated with these vulnerabilities.
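
To act on the update advice, the following added example (not part of the original article) audits a pod listing for OpenMetadata images older than v1.3.1. It assumes OpenMetadata workloads can be recognized by the string `openmetadata` in the container image name and that the image tag carries the version; the pod list is a constructed sample in the shape of `kubectl get pods -A -o json` output.

```python
import json
import re

FIXED = (1, 3, 1)  # per the article: versions preceding v1.3.1 are affected

# Constructed sample in the shape of `kubectl get pods -A -o json` (not real data).
SAMPLE = json.loads("""
{"items": [
 {"metadata": {"namespace": "data", "name": "om-0"},
  "spec": {"containers": [{"name": "server", "image": "registry.example/openmetadata/server:1.2.4"}]}},
 {"metadata": {"namespace": "data", "name": "om-1"},
  "spec": {"containers": [{"name": "server", "image": "registry.example:5000/openmetadata/server:1.3.1"}]}},
 {"metadata": {"namespace": "dev", "name": "om-dev"},
  "spec": {"initContainers": [{"name": "migrate", "image": "registry.example/openmetadata/server"}],
           "containers": [{"name": "web", "image": "nginx:1.25"}]}}
]}
""")

def image_version(image):
    """Return (major, minor, patch) from the image tag, or None if not parseable."""
    ref = image.split("@", 1)[0]          # drop any digest suffix
    last = ref.rsplit("/", 1)[-1]         # a ':' before the last '/' is a registry port
    if ":" not in last:
        return None                       # untagged or digest-only: version unknown
    m = re.match(r"v?(\d+)\.(\d+)\.(\d+)", last.split(":", 1)[1])
    return tuple(map(int, m.groups())) if m else None

def audit(pod_list, needle="openmetadata"):
    """Return (namespace, pod, container, image, status) for each matching image."""
    findings = []
    for pod in pod_list.get("items", []):
        spec, meta = pod.get("spec", {}), pod.get("metadata", {})
        # Init containers run the same image family and are easy to overlook.
        for c in spec.get("initContainers", []) + spec.get("containers", []):
            image = c.get("image", "")
            if needle not in image.lower():
                continue
            ver = image_version(image)
            status = "unknown" if ver is None else ("vulnerable" if ver < FIXED else "ok")
            findings.append((meta.get("namespace"), meta.get("name"), c.get("name"), image, status))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(*finding, sep="\t")
```

Images reported as `unknown` (untagged, `latest`, or pinned only by digest) need a manual version check rather than being treated as patched.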
