Fedora: Security Advisory for slurm (FEDORA-2020-98a5098030)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

kubernetes: compromised node could escalate to cluster level privileges

A flaw was found in the Kubernetes API server, where it allows an attacker to escalate their privileges from a compromised node. This flaw allows an attacker who can intercept requests on a compromised node, to redirect those requests, along with their credentials, to perform actions on other...

Update Rollup 10 for System Center 2016 Virtual Machine Manager

Update Rollup 10 for System Center 2016 Virtual Machine Manager Introduction This article describes the issues that are fixed in System Center Virtual Machine Manager 2016 UR10 release. There are two updates that are available for Virtual Machine Manager, one for the Virtual Machine Manager serve...

Support for Nutanix Clusters on AWS

Nutanix Clusters on AWS runs the core Nutanix HCI stack including Nutanix AOS, AHV, and Prism, along with all Nutanix products and services on bare metal EC2 instances on Amazon Web Services AWS. This allows you to migrate or extend applications from private clouds to AWS easily. Nutanix Clusters...

openSUSE Security Update : cni-plugins (openSUSE-2020-1049)

This update for cni-plugins fixes the following issues : cni-plugins updated to version 0.8.6 - CVE-2020-10749: Fixed a potential Man-in-the-Middle attacks in IPv4 clusters by spoofing IPv6 router advertisements bsc1172410. Release notes:...

openSUSE Security Update : cni-plugins (openSUSE-2020-1050)

This update for cni-plugins fixes the following issues : cni-plugins updated to version 0.8.6 - CVE-2020-10749: Fixed a potential Man-in-the-Middle attacks in IPv4 clusters by spoofing IPv6 router advertisements bsc1172410. Release notes:...

OPENSUSE-SU-2020:1050-1 Security update for cni-plugins

This update for cni-plugins fixes the following issues: cni-plugins updated to version 0.8.6 - CVE-2020-10749: Fixed a potential Man-in-the-Middle attacks in IPv4 clusters by spoofing IPv6 router advertisements bsc1172410. Release notes:...

Security Bulletin: Red Hat OpenShift on IBM Cloud is affected by a Kubernetes API server security vulnerability (CVE-2019-11254)

Summary Red Hat OpenShift on IBM Cloud is affected by a security vulnerability in the Kubernetes API server that could lead to a denial of service vulnerability from malicious YAML payloads CVE-2019-11254 Vulnerability Details CVEID: CVE-2019-11254 Description: Kubernetes is vulnerable to a denia...

SUSE SLES15 Security Update : cni-plugins (SUSE-SU-2020:1957-1)

This update for cni-plugins fixes the following issues : cni-plugins updated to version 0.8.6 CVE-2020-10749: Fixed a potential Man-in-the-Middle attacks in IPv4 clusters by spoofing IPv6 router advertisements bsc1172410. Release notes:...

SUSE-SU-2020:1957-1 Security update for cni-plugins

This update for cni-plugins fixes the following issues: cni-plugins updated to version 0.8.6 - CVE-2020-10749: Fixed a potential Man-in-the-Middle attacks in IPv4 clusters by spoofing IPv6 router advertisements bsc1172410. Release notes:...

containernetworking/plugins: IPv6 router advertisements allow for MitM attacks on IPv4 clusters

A vulnerability was found in affected container networking implementations that allow malicious containers in Kubernetes clusters to perform man-in-the-middle MitM attacks. A malicious container can exploit this flaw by sending “rogue” IPv6 router advertisements to the host or other containers, t...

Attack Analytics Multi-Sensor Integrations Provide Unmatched Visibility

Since debuting Attack Analytics back in 2018, this groundbreaking security analytics functionality has come a long way. Time and again our customers have told us how powerful they find the tool and how much time it saves them. Attack Analytics better positions Imperva’s customers to focus on what...

containernetworking/plugins: IPv6 router advertisements allow for MitM attacks on IPv4 clusters

A vulnerability was found in affected container networking implementations that allow malicious containers in Kubernetes clusters to perform man-in-the-middle MitM attacks. A malicious container can exploit this flaw by sending “rogue” IPv6 router advertisements to the host or other containers, t...

containernetworking/plugins: IPv6 router advertisements allow for MitM attacks on IPv4 clusters

A vulnerability was found in affected container networking implementations that allow malicious containers in Kubernetes clusters to perform man-in-the-middle MitM attacks. A malicious container can exploit this flaw by sending “rogue” IPv6 router advertisements to the host or other containers, t...

Kubernetes Falls to Cryptomining via Machine-Learning Framework

A unique cyberattack campaign that targets Kubeflow, a machine-learning toolkit for Kubernetes, has affected large swathes of container clusters, according to Microsoft. The Kubeflow open-source project is a popular framework for running machine-learning ML tasks in Kubernetes. According to an...

Misconfigured Kubeflow workloads are a security risk

Azure Security Center ASC monitors and defends thousands of Kubernetes clusters running on top of AKS. Azure Security Center regularly searches for and research for new attack vectors against Kubernetes workloads. We recently published a blog post about a large scale campaign against Kubernetes...

Fedora: Security Advisory for slurm (FEDORA-2020-e95ef17134)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVE-2020-13597

Clusters using Calico version 3.14.0 and below, Calico Enterprise version 2.8.2 and below, may be vulnerable to information disclosure if IPv6 is enabled but unused. A compromised pod with sufficient privilege is able to reconfigure the node’s IPv6 interface due to the node accepting route...

CVE-2020-10749

A vulnerability was found in all versions of containernetworking/plugins before version 0.8.6, that allows malicious containers in Kubernetes clusters to perform man-in-the-middle MitM attacks. A malicious container can exploit this flaw by sending rogue IPv6 router advertisements to the host or...

[SECURITY] Fedora 31 Update: slurm-19.05.7-1.fc31

Slurm is an open source, fault-tolerant, and highly scalable cluster management and job scheduling system for Linux clusters. Components include machine status, partition management, job management, scheduling and accounting modules...