It was only a matter of time, but the first major security exploit was found for Kubernetes. Discovered by Rancher Labs co-founder Darren Shepard, it’s a privilege escalation flaw that is, in the words of Ned Ryerson, a doozy.

via Gfycat

Essentially, any users on a node can use a API call to gain admin access to any compute node in a given Kubernetes clusters. To make matters worse, it all looks normal to the cluster, so it doesn’t generate any logs, and its very hard to know if it’s been exploited in the wild.

Luckily, patches are available, but only for versions 1.10.11 going forward. Older versions are out of luck, so maybe it’s time to upgrade?

Source: GitHub

TECHSTRONG TV

Click full-screen to enable volume control
Watch latest episodes and shows

Tech Field Day Showcase

SHARE THIS STORY

RELATED STORIES:

AI Controversies Hit Enterprise IT | Gestalt IT Rundown: May 17, 2023

Is Kubernetes A Good Fit For Edge Computing?

Cloud Is Hard. Kubernetes Won’t Save You

ZEDEDA’s Edge Kubernetes Service Turns Edge Environments into Micro-Clouds