CVE-2018-5256

Name of the Vulnerable Software and Affected Versions CoreOS Tectonic versions 1.7.x through 1.7.9-tectonic.4 CoreOS Tectonic versions 1.8.x through 1.8.4-tectonic.3

Description The issue allows unauthenticated access to the Kubernetes API server through an unauthenticated API endpoint at "/api/kubernetes/" which is mounted as a direct proxy to the Kubernetes cluster. This results in an information disclosure, enabling unauthenticated users to list all namespaces through the console. The exposure of this endpoint can provide an attacker with internal cluster state information, potentially assisting in further attacks, such as enumerating namespaces to identify weak authorization policies for privilege escalation.

Recommendations For CoreOS Tectonic versions 1.7.x through 1.7.9-tectonic.4, update to version 1.7.9-tectonic.4 or later. For CoreOS Tectonic versions 1.8.x through 1.8.4-tectonic.3, update to version 1.8.4-tectonic.3 or later. As a temporary workaround, consider restricting access to the "/api/kubernetes/" endpoint to minimize the risk of exploitation.