HTTP: Kubernetes Dashboard Authentication Bypass Information Disclosure

This signature detects attempts to exploit a known vulnerability in Kubernetes Dashboard. Successful exploitation could result in attackers gaining access to Kubernetes cluster secrets and other sensitive information.

Extended Description

Kubernetes Dashboard before 1.10.1 allows attackers to bypass authentication and use Dashboard's Service Account for reading secrets within the cluster.

Affected Products

Kubernetes dashboard

Short Name
HTTP:CTS-CVE-2018-18264-IN-DIS
Severity
Minor
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
Authentication Bypass CVE-2018-18264 Dashboard Disclosure Information Kubernetes bid:106493
Release Date
02/26/2019
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3547
False Positive
Unknown
Vendors

Kubernetes

CVSS Score

5.0
