Vulnerabilities in Google Kubernetes Engine Could Allow Cluster Takeover
Posted: Fri Dec 29, 2023 1:39 pm
An attacker with access to a Kubernetes cluster could chain two vulnerabilities in Google Kubernetes Engine (GKE) to escalate privileges and take over the cluster, cybersecurity firm Palo Alto Networks reports.
The issues, which may not pose a significant risk on their own, were identified in FluentBit, the default logging agent in GKE, and in Anthos Service Mesh (ASM), an optional add-on for controlling service-to-service communication within the environment.
[...]
Vulnerabilities in Google Kubernetes Engine Could Allow Cluster Takeover
The issues, which may not pose a significant risk on their own, were identified in FluentBit, the default logging agent in GKE, and in Anthos Service Mesh (ASM), an optional add-on for controlling service-to-service communication within the environment.
[...]
Vulnerabilities in Google Kubernetes Engine Could Allow Cluster Takeover