Unpatchable Vulnerabilities of Kubernetes: CVE-2020-8561
ATT&CK techniques detected
T1190Exploit Public-Facing Application
80%
“unpatchable vulnerabilities of kubernetes : cve - 2020 - 8561 in the last post, we started our examination of unpatchable vulnerabilities in kubernetes with a look at cve - 2020 - 8554, which relates to a possible traffic hijack attack in multi - tenant clusters. for this post, w…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1613Container and Resource Discovery
77%
“the attacker causes a node component, such as the kubelet, to make requests on their behalf. this class of attack can be significant when the kubelet has access to services like cloud metadata systems that might store credentials. for more details about the various ssrf vulnerabi…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1613Container and Resource Discovery
71%
“' s logging level for debugging purposes. more background information about kubernetes profiling is available in taking a look at kubernetes profiling. cve - 2020 - 8561 overview and mitigation now that we ’ ve covered ssrf vulnerabilities and kubernetes profiling, let ' s look a…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1610Deploy Container
32%
“- 8561 technical details the user who wants to execute this attack must have valid kubernetes credentials and elevated privileges, typically cluster - admin. as we mentioned earlier, it is possible for an attacker with access to the profiling endpoints on the kube - apiserver com…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
Summary
A look at how Kubernetes CVE-2020-8561 works