Shodan
Maps
Images
Monitor
Developer
More...
Dashboard
View Api Docs
Vulnerabilities
By Date
Known Exploited
Advanced Search
Vulnerable Software
Vendors
Products
Vulnerability Details CVE-2018-18264
Kubernetes Dashboard before 1.10.1 allows attackers to bypass authentication and use Dashboard's Service Account for reading secrets within the cluster.
Exploit prediction scoring system (EPSS) score
EPSS Score
0.917
EPSS Ranking
99.7%
CVSS Severity
CVSS v3 Score
7.5
CVSS v2 Score
5.0
References
http://www.securityfocus.com/bid/106493
https://github.com/kubernetes/dashboard/pull/3289
https://github.com/kubernetes/dashboard/pull/3400
https://github.com/kubernetes/dashboard/releases/tag/v1.10.1
https://groups.google.com/forum/#%21topic/kubernetes-announce/yBrFf5nmvfI
https://sysdig.com/blog/privilege-escalation-kubernetes-dashboard/
http://www.securityfocus.com/bid/106493
https://github.com/kubernetes/dashboard/pull/3289
https://github.com/kubernetes/dashboard/pull/3400
https://github.com/kubernetes/dashboard/releases/tag/v1.10.1
https://groups.google.com/forum/#%21topic/kubernetes-announce/yBrFf5nmvfI
https://sysdig.com/blog/privilege-escalation-kubernetes-dashboard/
Products affected by CVE-2018-18264
Kubernetes
»
Dashboard
»
Version:
Any
cpe:2.3:a:kubernetes:dashboard:*
Products
Monitor
Search Engine
Developer API
Maps
Bulk Data
Images
Snippets
Pricing
Membership
API Subscriptions
Enterprise
Contact Us
support@shodan.io
Shodan ® - All rights reserved