Another Week, Another Kubernetes Security Flaw

The latest security vulnerability discovered within the Kubernetes cluster orchestrator could allow intruders to access, modify or delete computing and storage resources configured across a cluster.

The flaw in the Kubernetes API server, designated CVE-2019-11247, allows access to and deletion of cluster-scoped “custom resources.” Intruders could access cluster-wide resources with only standard role-based access control (RBAC) permissions.

In response, the Kubernetes security monitors who announced the vulnerability earlier this week pushed patch releases for the 1.13.9, 1.14.5 and 1.15.2 versions of Kubernetes.

This week’s security vulnerability is the latest to plague the popular cluster orchestrator, which is gaining widespread enterprise deployment for handling growing volumes of distributed applications.

In the latest instance, Kubernetes security monitors said “a user with access only to a resource in one namespace could create, view, update or delete the cluster-scoped resource (according to their namespace role privileges).”
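A defender's check for the exposure described above, as an added example that is not part of the original article or of Kubernetes project code: it compares a server version against the patch releases named here and lists namespaced Roles whose rules name a cluster-scoped custom resource. The sample CRD and Role objects are constructed, and the treatment of release lines outside 1.13 to 1.15 is an assumption.

```python
import re

# Patch releases named in the article, keyed by (major, minor) release line.
PATCHED = {(1, 13): 9, (1, 14): 5, (1, 15): 2}

def is_patched(version):
    """True if a version string such as 'v1.14.3' includes the fix.
    Assumption: lines newer than 1.15 carry the fix; lines older than 1.13 do not."""
    m = re.match(r"v?(\d+)\.(\d+)\.(\d+)", version)
    if not m:
        raise ValueError(f"unrecognised version: {version!r}")
    major, minor, patch = map(int, m.groups())
    if (major, minor) in PATCHED:
        return patch >= PATCHED[(major, minor)]
    return (major, minor) > max(PATCHED)

def exposed_grants(roles, crds):
    """Return (namespace, role, crd, verbs) for each namespaced Role rule that
    names a cluster-scoped custom resource, directly or through a '*' wildcard."""
    targets = {(c["spec"]["group"], c["spec"]["names"]["plural"]): c["metadata"]["name"]
               for c in crds if c["spec"]["scope"] == "Cluster"}
    findings = []
    for role in roles:
        meta = role["metadata"]
        for rule in role.get("rules", []):
            groups, resources = rule.get("apiGroups", []), rule.get("resources", [])
            for (group, plural), crd in targets.items():
                if ({group, "*"} & set(groups)) and ({plural, "*"} & set(resources)):
                    findings.append((meta["namespace"], meta["name"], crd,
                                     sorted(rule.get("verbs", []))))
    return findings

# Constructed sample objects, trimmed to the fields the check reads.
SAMPLE_CRDS = [
    {"metadata": {"name": "clusterwidgets.example.test"},
     "spec": {"group": "example.test", "scope": "Cluster", "names": {"plural": "clusterwidgets"}}},
    {"metadata": {"name": "widgets.example.test"},
     "spec": {"group": "example.test", "scope": "Namespaced", "names": {"plural": "widgets"}}},
]
SAMPLE_ROLES = [
    {"metadata": {"namespace": "team-a", "name": "widget-editor"},
     "rules": [{"apiGroups": ["example.test"], "resources": ["*"], "verbs": ["get", "delete"]}]},
    {"metadata": {"namespace": "team-b", "name": "pod-reader"},
     "rules": [{"apiGroups": [""], "resources": ["pods"], "verbs": ["get", "list"]}]},
]

if __name__ == "__main__":
    for version in ("v1.14.3", "v1.15.2"):
        print(version, "patched" if is_patched(version) else "UNPATCHED")
    for finding in exposed_grants(SAMPLE_ROLES, SAMPLE_CRDS):
        print("review:", finding)
```

On a real cluster the two lists would come from the `items` arrays of `kubectl get crd -o json` and `kubectl get roles --all-namespaces -o json`.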

Previous releases of Kubernetes have emphasized security along with stability as vulnerabilities are exposed in accelerating enterprise deployments. Among the upgrades is expanded security for application containers running on the Microsoft Azure cloud.

