Prisma Cloud Compute Admission rules to mitigate Kubernetes CVE-2020-8554
twistlock/k8s-cve-2020-8554-mitigations
Prisma Cloud Compute Mitigations for Kubernetes CVE-2020-8554

This repository contains Prisma Cloud Compute Admission rules that mitigate exploitation of CVE-2020-8554, an unpatched Kubernetes vulnerability. To ensure correct usage, please follow the instructions provided in the 'Prisma Cloud Mitigation' section of our response post, Protecting Against Kubernetes CVE-2020-8554.

Kubernetes CVE-2020-8554

Kubernetes CVE-2020-8554 is a design flaw that allows a Service to intercept cluster traffic destined for arbitrary IPs by setting its .spec.externalIPs or .status.loadBalancer.ingress[].ip fields to those IPs. Non-admin users who can create or update Services, or patch a Service's status, can exploit the flaw to perform man-in-the-middle attacks against pods and nodes in the cluster in an attempt to escalate their privileges.
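The two fields named above are exactly what an admission check has to gate. The following is an added example written for this page, not the repository's Prisma Cloud Compute rule (those are expressed as Prisma admission rules, not Python): it inspects a Service object in the JSON shape the API server hands to a validating admission webhook, rejects any .spec.externalIPs entry outside an operator-owned allowlist, and rejects a .status.loadBalancer.ingress[].ip that is either outside that allowlist or set on a Service that is not of type LoadBalancer. The allowlist CIDR and the sample Service objects are constructed for illustration. One caveat a practitioner would want: status is a subresource, so a webhook only sees the second vector if it is registered for services/status as well as services; restricting who may patch a Service's status (the permission the text mentions) is the companion control.

```python
"""Admission-style check for the two Service fields abused by CVE-2020-8554.

Added example, not the repository's Prisma Cloud Compute rule. Operates on a
Service object as a plain dict (the JSON the API server sends to a webhook).
"""
import ipaddress
from typing import Dict, List

# Constructed allowlist: the only external ranges this cluster is meant to expose.
DEFAULT_ALLOWED_CIDRS = ("203.0.113.0/24",)


def _ip_allowed(ip_str: str, allowed_nets) -> bool:
    """True only if ip_str parses and falls inside one of the allowed networks."""
    try:
        ip = ipaddress.ip_address(ip_str)
    except ValueError:
        return False  # a malformed IP is never allowed through
    return any(ip in net for net in allowed_nets)


def check_service(service: Dict, allowed_cidrs=DEFAULT_ALLOWED_CIDRS) -> List[str]:
    """Return violation messages for one Service object; an empty list means clean."""
    nets = [ipaddress.ip_network(c) for c in allowed_cidrs]
    name = (service.get("metadata") or {}).get("name", "<unnamed>")
    spec = service.get("spec") or {}
    violations: List[str] = []

    # Vector 1: spec.externalIPs. kube-proxy routes cluster traffic destined for
    # these IPs to the Service's endpoints, so only operator-owned ranges may pass.
    for ip in spec.get("externalIPs") or []:
        if not _ip_allowed(ip, nets):
            violations.append(f"{name}: spec.externalIPs entry {ip} is outside the allowed ranges")

    # Vector 2: status.loadBalancer.ingress[].ip, normally written by the cloud
    # controller. A principal with patch on services/status can write it directly.
    ingress = ((service.get("status") or {}).get("loadBalancer") or {}).get("ingress") or []
    for entry in ingress:
        ip = entry.get("ip")
        if ip is None:
            continue  # hostname-only entries are not the field the CVE abuses
        svc_type = spec.get("type", "ClusterIP")
        if svc_type != "LoadBalancer":
            violations.append(f"{name}: status.loadBalancer.ingress ip {ip} set on a Service of type {svc_type}")
        elif not _ip_allowed(ip, nets):
            violations.append(f"{name}: status.loadBalancer.ingress ip {ip} is outside the allowed ranges")
    return violations


def review(admission_review: Dict, allowed_cidrs=DEFAULT_ALLOWED_CIDRS) -> Dict:
    """Build the AdmissionReview response for a Service CREATE/UPDATE request."""
    request = admission_review["request"]
    violations = check_service(request["object"], allowed_cidrs)
    response = {"uid": request["uid"], "allowed": not violations}
    if violations:
        response["status"] = {"message": "; ".join(violations)}
    return {"apiVersion": "admission.k8s.io/v1", "kind": "AdmissionReview", "response": response}


# Constructed sample Services (IPs from the TEST-NET documentation ranges).
BENIGN_SERVICE = {
    "metadata": {"name": "web"},
    "spec": {"type": "LoadBalancer", "ports": [{"port": 443}]},
    "status": {"loadBalancer": {"ingress": [{"ip": "203.0.113.5"}]}},
}
EXTERNAL_IP_SERVICE = {
    "metadata": {"name": "external-ip-outside-allowlist"},
    "spec": {"type": "ClusterIP", "externalIPs": ["192.0.2.77"]},
}
STATUS_PATCHED_SERVICE = {
    "metadata": {"name": "status-written-by-hand"},
    "spec": {"type": "ClusterIP"},
    "status": {"loadBalancer": {"ingress": [{"ip": "192.0.2.78"}]}},
}

if __name__ == "__main__":
    for svc in (BENIGN_SERVICE, EXTERNAL_IP_SERVICE, STATUS_PATCHED_SERVICE):
        verdict = review({"request": {"uid": "example-uid", "object": svc}})
        print(svc["metadata"]["name"], "->", verdict["response"])
```

The check is deliberately an allowlist rather than a denylist: the CVE does not depend on any particular target address, so the only durable rule is "a Service may only claim addresses the operator has assigned to it".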

Further Reading

For more information, refer to Protecting Against Kubernetes CVE-2020-8554.
