RSS   Vulnerabilities for 'Nginx ingress controller'   RSS

2020-01-14
 
CVE-2018-1002104

CWE-20
 

 
Versions < 1.5 of the Kubernetes ingress default backend, which handles invalid ingress traffic, exposed prometheus metrics publicly.

 

 >>> Vendor: Kubernetes 12 Products
JAVA
Kubernetes
Minikube
Kube-state-metrics
Cri-o
External-provisioner
External-resizer
External-snapshotter
Nginx ingress controller
Ingress-nginx
Secrets store csi driver
Aws-iam-authenticator


Copyright 2024, cxsecurity.com

 

Back to Top