Source |
The Hacker News |
Identifiant |
4296741 |
Date de publication |
2022-03-17 00:37:22 (vue: 2022-03-17 08:05:55) |
Titre |
New Vulnerability in CRI-O Engine Lets Attackers Escape Kubernetes Containers |
Texte |
A newly disclosed security vulnerability in the Kubernetes container engine CRI-O called cr8escape could be exploited by an attacker to break out of containers and obtain root access to the host.
"Invocation of CVE-2022-0811 can allow an attacker to perform a variety of actions on objectives, including execution of malware, exfiltration of data, and lateral movement across pods," CrowdStrike |
Envoyé |
Oui |
Condensat |
0811 2022 access across actions allow attacker attackers break called cr8escape could can container containers cri crowdstrike cve data disclosed engine escape execution exfiltration exploited host including invocation kubernetes lateral lets malware movement new newly objectives obtain out perform pods root security variety vulnerability |
Tags |
Vulnerability
|
Stories |
Uber
|
Notes |
|
Move |
|