MacMusic  |  PcMusic  |  440 Software  |  440 Forums  |  440TV  |  Zicos
kubernetes
Recherche

Critical RCE flaws put Kubernetes clusters at risk of takeover

mercredi 26 mars 2025, 15:53 , par InfoWorld
The Kubernetes project has released patches for five vulnerabilities in a widely used popular component called the Ingress NGINX Controller that’s used to route external traffic to Kubernetes services. If exploited, the flaw could allow attackers to completely take over entire clusters.

“Based on our analysis, about 43% of cloud environments are vulnerable to these vulnerabilities, with our research uncovering over 6,500 clusters, including Fortune 500 companies, that publicly expose vulnerable Kubernetes ingress controllers’ admission controllers to the public internet — putting them at immediate critical risk,” wrote researchers from cloud security firm Wiz who found and reported the flaws.

Continue reading on CSOonline.com
Lire la suite sur InfoWorld
https://www.csoonline.com/article/3854089/critical-rce-flaws-put-kubernetes-clusters-at-risk-of-take...

Voir aussi

kubernetes Martian Dust May Pose Health Risk To Humans Exploring Red Planet, Study Finds Slashdot29 Mar
clusters Cardiff's children's chief confirms data leak 2 months after cyber risk was 'escalated' TheRegister28 Mar
risk CrushFTP CEO's feisty response to VulnCheck's CVE for critical make-me-admin bug TheRegister27 Mar
critical What next for WASI on Azure Kubernetes Service? InfoWorld27 Mar
flaws London Bans Most E-Bikes on Public Transport Over Fire Risk Slashdot26 Mar
used Apple Barred From Google Antitrust Trial, $20 Billion Search Deal at Risk Slashdot26 Mar
our Trump Admin Plans to Cut Team Responsible for Critical Atomic Measurement Data Wired: Tech.25 Mar
over Public-facing Kubernetes clusters at risk of takeover thanks to Ingress-Nginx flaw TheRegister25 Mar
vulnerabilities 23andMe bankruptcy leaves your DNA at risk -- here’s how to delete your data before it’s too late BetaNews24 Mar
ingress Rethinking risk -- are you taking the right path around security? BetaNews24 Mar
controllers Infoseccers criticize Veeam over critical RCE vulnerability and a failing blacklist TheRegister20 Mar
cloud French scientist denied entry to US after a search of his phone revealed messages critical of Trump BoingBoing20 Mar
put IBM scores perfect 10 ... vulnerability in mission-critical OS AIX TheRegister19 Mar
vulnerable FTC Removes Posts Critical of Amazon, Microsoft, and AI Companies Slashdot18 Mar
rce FTC Removes Posts Critical of Amazon, Microsoft, and AI Companies Wired: Tech.18 Mar
kubernetes Thousands of open source projects at risk from hack of GitHub Actions tool InfoWorld17 Mar
clusters What is KubeVirt? How does it migrate VMware workloads to Kubernetes? InfoWorld17 Mar
risk Developer wrote a critical app and forgot where it ran – until it stopped running TheRegister17 Mar
critical Meta Stops Ex-Director From Promoting Critical Memoir Slashdot13 Mar
flaws Mozilla Warns DOJ's Google Remedies Risk 'Death of Open Web' Slashdot13 Mar
News copyright owned by their original publishers | Copyright © 2004 - 2025 Zicos / 440Network
Date Actuelle
dim. 30 mars - 22:39 CEST