Omnisl4Sh

Rank: #25326 of 53,630
Total CVSS: 9.8
Vulnerabilities: 1
PT-2022-27692
9.8
2022-11-27
Kubeview · Kubeview · CVE-2022-45933
**Name of the Vulnerable Software and Affected Versions**

KubeView versions 0.1.31 and earlier

**Description**

The issue allows attackers to obtain control of a Kubernetes cluster because the `api/scrape/kube-system` endpoint does not require authentication, and it retrieves certificate files that can be used for authentication as `kube-admin`. The vendor considers KubeView a "fun side project and a learning exercise," and not "very secure." A real-world incident involved a malicious actor extracting credentials and potentially obtaining control of a Kubernetes cluster during a pentest. The exploitation involved navigating to a vulnerable KubeView UI and extracting sensitive information and cluster configurations with a custom script.

**Recommendations**

For versions 0.1.31 and earlier, consider disabling access to the `api/scrape/kube-system` endpoint until a patch is available. Restrict the use of the `kube-admin` certificate to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.