Critical Kubernetes Image Builder credential vulnerability allows for virtual machine SSH access
Date:
Fri, 18 Oct 2024 13:48:59 +0000
Description:
A patch is already available, so make sure to apply it ASAP.
FULL STORY ======================================================================
There is a critical vulnerability in the Kubernetes Image Builder that lets attackers log in over SSH to virtual machines (VMs) built from its images. A patch is already available, so if you're using the image building tool, update it to the latest version as soon as possible.
Kubernetes Image Builder is a tool that builds and maintains VM images for Kubernetes environments, such as the node images used by Cluster API providers. It produces reproducible, preconfigured images that are ready to boot as cluster nodes.
However, when one builds a Kubernetes VM image with an affected version, the image ships with a "builder" account that has a fixed default password, the same in every image built that way. Anyone who can reach such a VM over SSH can log in with those credentials and obtain root privileges.
Randomly generated password
According to The Register, VM images built with the Proxmox provider are most at risk. For that provider the flaw is tracked as CVE-2024-9486 and carries a severity rating of 9.8/10, which is critical. Image Builder versions 0.1.37 and earlier are affected, and users are advised to move to Image Builder v0.1.38 or later as soon as possible.
In the fixed version, every new image build uses a randomly generated password for the builder account, and the account is disabled at the end of the build process.
Upgrading Image Builder alone does not fix images that were already built: users should rebuild their images with the patched version and redeploy them to any affected VMs, the publication stressed.
Images built with other providers are also affected, including Nutanix, OVA, QEMU and others. In those cases the severity rating is 6.3, because those providers already disable the default credentials at the end of the image build process, so the credentials are only usable while the build is running, which gives an attacker a much smaller window of opportunity.
Those unable to apply the patch right away should disable the builder account on affected VMs, which mitigates the risk until the images can be rebuilt and redeployed.
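The stopgap spelled out, as an added example that is not from the article or from the image-builder project: a small POSIX shell script that checks whether the builder account on a running VM still has a usable password entry and, when run as root, locks and expires it. The account name "builder" comes from the article; the shadow-file parsing, the constructed sample entries, and the choice of usermod -L together with usermod -e 1970-01-02 are this example's own assumptions, since the article only says to disable the account.

```shell
#!/bin/sh
# Added example, not code from the article or from the image-builder project:
# audit a Linux VM built with a pre-0.1.38 Image Builder for a usable "builder"
# account (the account name comes from the article) and, as root, disable it.
# Assumptions: the VM uses /etc/shadow and shadow-utils (usermod); the exact
# commands below are this example's choice, the article only says "disable".

# Constructed /etc/shadow samples for offline testing; the hashes are placeholders.
SAMPLE_SHADOW_VULNERABLE='root:*:19000:0:99999:7:::
builder:$6$saltsalt$placeholderhash:19000:0:99999:7:::'
SAMPLE_SHADOW_LOCKED='root:*:19000:0:99999:7:::
builder:!$6$saltsalt$placeholderhash:19000:0:99999:7:::'
SAMPLE_SHADOW_ABSENT='root:*:19000:0:99999:7:::
ubuntu:$6$saltsalt$placeholderhash:19000:0:99999:7:::'

# builder_state SHADOW_TEXT [USER]
# Reads shadow-format text and prints one of: absent, locked, usable.
# Field 2 is the password hash; a leading "!" or "*" means password login is
# blocked. An empty field means no password is needed, which counts as usable.
builder_state() {
    user="${2:-builder}"
    hash=$(printf '%s\n' "$1" | awk -F: -v u="$user" \
        '$1 == u { print $2; found = 1 } END { if (!found) print "__absent__" }')
    case "$hash" in
        __absent__) echo absent ;;
        '!'*|'*'*)  echo locked ;;
        *)          echo usable ;;
    esac
}

# lock_builder [USER]: the stopgap for hosts that cannot be rebuilt yet.
# usermod -L locks the password; usermod -e 1970-01-02 expires the account so
# that key-based SSH logins are refused as well, not only password logins.
# Must run as root on the affected VM.
lock_builder() {
    user="${1:-builder}"
    if ! id "$user" >/dev/null 2>&1; then
        echo "no '$user' account on this host" >&2
        return 0
    fi
    usermod -L "$user" && usermod -e 1970-01-02 "$user"
}

# Command-line use: ./check-builder.sh --check (report only) or --apply (lock).
# Both need root, to read /etc/shadow or to change the account.
case "${1:-}" in
    --check) echo "builder account: $(builder_state "$(cat /etc/shadow)")" ;;
    --apply) lock_builder ;;
esac
```

Locking the password alone is not enough if the image also carries an SSH key for the account, which is why the script expires the account as well; after the fix is applied, rebuilding and redeploying the image remains the real remedy.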
Via The Register
======================================================================
Link to news story:
https://www.techradar.com/pro/security/critical-kubernetes-image-builder-credential-vulnerability-allows-for-virtual-machine-ssh-access
--- Mystic BBS v1.12 A47 (Linux/64)
* Origin: tqwNet Technology News (1337:1/100)