Security researchers have recently found out that Kubernetes cloud platforms have a big security bug which offers hackers the privilege to access the software applications running on the nodes.
Note- Kubernetes is a software intuitive tool which offers easy management access to large numbers of containers similar to virtual machines running on multiple operating systems on a single physical computer. But the technicality behind the Kubernetes is that it offers only those services which are needed by a container for a particular application run such as ADs, Systems Libraries, and software dependencies. As management of multiple containers is a big challenge, Google developed Kubernetes do that by grouping them into pods.
Now, coming back to the vulnerability, the Kubernetes team has identified the flaw as CVE-2018-1002105 and says that the flaw lays in the Kubernetes API Server- a software tool that offers users the privilege to send instructions to pods over an HTTP API.
Getting further into the detail, in general, an API server approves user requests via certificate-based authentication. But when a user request is malformed, it is returned as an error and the server leaves the line of communication open so that further requests can go to/fro without verifying the user. As the issue enables the regular user to get admin privileges to access the container, it could rain data to hackers, bringing the running apps to a halt or run their own malicious commands.
Kubernetes says that it has already offered the fix to the flaw and those who have the support to automated patches will/should be protected. Those who chose for manual security patches should hurry up before something thwarting happens.
