#ContainerOrchestration

Kubernetes Vulnerability Allows Remote Code Execution on Windows Endpoints

by

March 14, 2024 at 07:57AM Akamai issued a warning about a high-severity Kubernetes vulnerability, CVE-2023-5528, affecting default installations. The issue allows arbitrary code execution with System privileges on Windows endpoints when creating a pod with a local volume. Akamai provided a PoC exploit and advised upgrading to Kubernetes version 1.28.4, even for clusters without Windows … Read more

Researchers Discover Dangerous Exposure of Sensitive Kubernetes Secrets

by

November 22, 2023 at 12:30PM Researchers at Aqua Security have discovered that hundreds of organizations and open-source projects are at risk due to the public exposure of Kubernetes configuration secrets. This vulnerability poses a severe supply chain attack threat as sensitive environments in the Software Development Life Cycle (SDLC) can be accessed. Aqua Security found … Read more