One Article Review
| Source |  Vuln AWS |
|---|---|
| Identifiant | 8296119 |
| Date de publication | 2022-07-11 15:54:32 (vue: 2022-12-30 21:12:45) |
| Titre | Reported EKS IAM Authenticator Issue |
| Texte | Initial Publication Date: 2022/07/11 9:00 PST A security researcher recently reported an issue with the AWS IAM Authenticator for Kubernetes, used by Amazon Elastic Kubernetes Service (EKS). The researcher identified a query parameter validation issue within the authenticator plugin when configured to use the “AccessKeyID” template parameter within query strings. This issue could have permitted a knowledgeable attacker to escalate privileges within a Kubernetes cluster. Customers who do not use the “AccessKeyID” parameter are not affected by this issue. As of June 28, 2022, all EKS clusters worldwide have been updated with a new version of the AWS IAM Authenticator for Kubernetes, containing a fix for this issue. Customers who use the AWS IAM Authenticator for Kubernetes within Amazon EKS do not need to take any action to protect themselves. Customers who host and manage their own Kubernetes clusters, and who use the authenticator plugin's “AccessKeyID” template parameter should update the AWS IAM Authenticator for Kubernetes to version 0.5.9. We would like to thank Lightspin for reporting this issue. Security-related questions or concerns can be brought to our attention via aws-security@amazon.com. |
| Envoyé | Oui |
| Condensat | 2022 2022/07/11 9:00 action affected all amazon and any are attacker attention authenticator aws been brought can cluster clusters com concerns configured containing could customers date: eks elastic escalate fix for have host iam identified initial issue june knowledgeable kubernetes lightspin like manage need new not our own parameter permitted plugin privileges protect pst publication query questions recently related reported reporting researcher security security@amazon service should strings take template thank the their themselves this update updated use used validation version via when who with within worldwide would “accesskeyid” |
| Tags | |
| Stories | Uber |
| Notes | ★★ |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.