The Kubernetes Security Operations Center has released a list of eight existing vulnerabilities in Kubernetes that IT teams need to focus on as they are the most likely to be exploited by malicious actors, Cloud Native Now reports.
These include the vulnerability designated CVE-2021-3121, which stems from a flaw in the GoGo protobuf compiler used by Kubernetes in versions earlier than 1.3.2. A malicious protobuf message can trigger a panic and potentially lead to information disclosure, denial of service, or data manipulation against the victim.
Another flaw, designated CVE-2020-8559, already has multiple proofs-of-concept publicly disclosed. The vulnerability can let an attacker intercept and redirect certain upgrade requests to the kubelet, which may then allow them to obtain the credentials needed to gain control of other nodes, essentially giving them privilege escalation and lateral movement capabilities. The flaw's severity is heightened in cases where multiple clusters share the same certificate authority.