Lucene search
Cloud FoundryCFOUNDRY:EB1ED45F52CCDCEC047C4210789DEF1EHistoryJan 04, 2019 - 12:00 a.m.
CVE-2018-18264: Kubernetes Dashboard TLS Certificate Leak | Cloud Foundry
2019-01-0400:00:00
Cloud Foundry
www.cloudfoundry.org
13
Severity
High
Vendor
Cloud Foundry Foundation
Affected Cloud Foundry Products and Versions
- Cloud Foundry Container Runtime (CFCR)
- All versions prior to 0.26.0
Description
Kubernetes Dashboard before 1.10.1 allows attackers to bypass authentication and use Dashboardβs Service Account for reading secrets within the cluster.
Mitigation
Users of affected versions should apply the following mitigations or upgrades:
- Releases that have fixed this issue include:
- CFCR version 0.26.0
History
2019-01-04: Initial vulnerability report published.
Related
veracode
veracode
Authentication Bypass
2019-01-04 06:29:41
redhatcve
redhatcve
CVE-2018-18264
2019-01-03 09:50:10
nuclei
nuclei
Kubernetes Dashboard <1.10.1 - Authentication Bypass
2022-03-03 17:02:39
checkpoint_advisories
checkpoint_advisories
osv
osv
CVE-2018-18264
2019-01-03 01:29:00
prion
prion
Authentication flaw
2019-01-03 01:29:00
openvas
openvas
Kubernetes Dashboard < 1.10.1 Authentication Bypass Vulnerability
2019-01-04 00:00:00
cve
cve
CVE-2018-18264
2019-01-03 01:29:00
photon
photon
oraclelinux
oraclelinux
kubernetes kubeadm-upgrade kubeadm-ha-setup security update
2019-04-13 00:00:00
kubernetes kubeadm-ha-setup kubeadm-upgrade security update
2020-04-17 00:00:00
Related for CFOUNDRY:EB1ED45F52CCDCEC047C4210789DEF1E