Source: thenewstack.io
Red Hat: Why CVE2020-8554 Is No Kubernetes ApocalypseCategory: Kubernetes, containerization, github
Red Hat sponsored this post. Red Hat would like to stand up for Kubernetes and the Cloud Native Computing Foundation to defend its work on fixing this issue.
At issue is the fact that Kubernetes users can get into the middle of traffic that is being routed to and from the Kubernetes cluster, by exploiting an unrestricted service property.
For OpenShift, Red Hat’s enterprise Kubernetes offering, we had to find a solution to this flaw that would work for our customers, for our on-demand self-managed solutions, and for the OpenShift installations users were handling themselves.
The issue is that a generic solution for this problem is not easy to find.
At issue is the fact that Kubernetes users can get into the middle of traffic that is being routed to and from the Kubernetes cluster, by exploiting an unrestricted service property.
For OpenShift, Red Hat’s enterprise Kubernetes offering, we had to find a solution to this flaw that would work for our customers, for our on-demand self-managed solutions, and for the OpenShift installations users were handling themselves.
The issue is that a generic solution for this problem is not easy to find.
Related Articles
Community Partners
DevOps Careers