Tomer Peled, an Akamai researcher, uncovered a critical vulnerability, CVE-2024-9042, in Kubernetes' Log Query function that can be easily exploited with a GET request. This vulnerability affects standard Kubernetes installations using beta features in versions below 1.32.1, impacting both on-premises environments and Azure Kubernetes Service, putting numerous organizations at risk, particularly those with Windows nodes. Immediate attention for patching is required to secure these systems and mitigate potential takeover by attackers.
A critical vulnerability in Kubernetes' Log Query function allows attackers to exploit Windows nodes through a simple GET request, necessitating urgent patching.
Collection
[
|
...
]