Kritische Schwachstelle: Kubernetes anfällig für Remotecode-Ausführung

Kritische Schwachstelle: Kubernetes anfällig für Remotecode-Ausführung Betroffen sind ausschließlich Windows-Endpunkte. Der Fehler lässt sich unter Umständen in einer Standardkonfiguration ausnutzen. Ein Update steht inzwischen bereit. von Stefan Beiersmann am 29. Januar 2025 , 15:14 Uhr Akamai warnt vor einer kritischen Sicherheitslücke in Kubernetes. Die Schwachstelle mit der Kennung CVE-2024-9042 ermöglicht das Einschleusen und Ausführen von Schadcode aus der Ferne auf Windows-Endpunkten innerhalb eines Kubernetes-Clusters. Der Fehler tritt allerdings nur auf, wenn der Protokollierungsmechanismus „Log Query“ aktiviert ist.var screensize = document.documentElement.clientWidth;if (screensize < 1800) {var minscreenwidth = "1280";} else {var minscreenwidth = "1920";}var u_company = "n/a";var u_job_description = "n/a";var u_company_size = "n/a";var u_industry = "n/a";if (kaminoCookie.getItem("ct_echo") != undefined) {var ct_echo = JSON.parse(kaminoCookie.getItem("ct_echo"));ct_echo.details = ct_echo.details || {};u_company = "n/a";u_job_description = ct_echo.details.jd || "n/a";u_company_size = ct_echo.details.ne || "n/a";u_industry = ct_echo.details.is || "n/a";}console.log("id:DESKTOP_IN_ARTICLE-88420123-0");var scr = document.getElementById("DESKTOP_IN_ARTICLE-88420123-0");var device = "desktop";if(dfp_device_view == device){var slot_div = document.createElement("div");slot_div.setAttribute("id", "div-gpt-ad-DESKTOP_IN_ARTICLE-88420123-0");slot_div.setAttribute("class", "dfp_ad div-gpt-ad-DESKTOP_IN_ARTICLE-0 desktop sticky-DESKTOP_IN_ARTICLE-88420123-0");slot_div.setAttribute("height", "0");var word = "";if(word != ""){var slot_word_div = document.createElement("div");slot_word_div.setAttribute("class", "dfp_word");slot_word_div.innerHTML = word;slot_div.appendChild(slot_word_div);}scr.parentNode.insertBefore(slot_div, scr.nextSibling);googletag.cmd.push(function() {var infinite_scroll = false;if("" != ""){infinite_scroll = true;if(hutt_original_page_id != ""){hutt_original_page_id = "";hutt_defineSlot_slot_object_infinite_scroll = [];}}var slot = googletag.defineSlot("/16255858/zdnet/article/security/security-management",[8, 8], "div-gpt-ad-DESKTOP_IN_ARTICLE-88420123-0").setTargeting("artid", "88420123").setTargeting("cat", ["security","security-management"]).setTargeting("tag", ["kubernetes","schwachstellen","security","sicherheit","windows"]).setTargeting("type", "post").setTargeting("min_width", minscreenwidth).setTargeting("job_description", u_job_description).setTargeting("company_size", u_company_size).setTargeting("industry", u_industry).setTargeting("company", u_company).addService(googletag.pubads());if(infinite_scroll == true){hutt_defineSlot_slot_object_infinite_scroll.push( slot );}var size = "[8, 8]";size = size.replace(/s+/g, "");hutt_defineSlot["div-gpt-ad-DESKTOP_IN_ARTICLE-88420123-0"] = {};hutt_defineSlot["div-gpt-ad-DESKTOP_IN_ARTICLE-88420123-0"]["size"] = size;hutt_defineSlot_slot_object["div-gpt-ad-DESKTOP_IN_ARTICLE-88420123-0"] = {};hutt_defineSlot_slot_object["div-gpt-ad-DESKTOP_IN_ARTICLE-88420123-0"]["slot"] = slot;googletag.display("div-gpt-ad-DESKTOP_IN_ARTICLE-88420123-0");});}var screensize = document.documentElement.clientWidth;if (screensize < 1800) {var minscreenwidth = "1280";} else {var minscreenwidth = "1920";}var u_company = "n/a";var u_job_description = "n/a";var u_company_size = "n/a";var u_industry = "n/a";if (kaminoCookie.getItem("ct_echo") != undefined) {var ct_echo = JSON.parse(kaminoCookie.getItem("ct_echo"));ct_echo.details = ct_echo.details || {};u_company = "n/a";u_job_description = ct_echo.details.jd || "n/a";u_company_size = ct_echo.details.ne || "n/a";u_industry = ct_echo.details.is || "n/a";}console.log("id:VIDEO_INFEED-88420123-0");var scr = document.getElementById("VIDEO_INFEED-88420123-0");var device = "desktop";if(dfp_device_view == device){var slot_div = document.createElement("div");slot_div.setAttribute("id", "div-gpt-ad-VIDEO_INFEED-88420123-0");slot_div.setAttribute("class", "dfp_ad div-gpt-ad-VIDEO_INFEED-0 desktop sticky-VIDEO_INFEED-88420123-0");slot_div.setAttribute("height", "0");var word = "";if(word != ""){var slot_word_div = document.createElement("div");slot_word_div.setAttribute("class", "dfp_word");slot_word_div.innerHTML = word;slot_div.appendChild(slot_word_div);}scr.parentNode.insertBefore(slot_div, scr.nextSibling);googletag.cmd.push(function() {var infinite_scroll = false;if("" != ""){infinite_scroll = true;if(hutt_original_page_id != ""){hutt_original_page_id = "";hutt_defineSlot_slot_object_infinite_scroll = [];}}var slot = googletag.defineSlot("/16255858/zdnet/article/security/security-management",['fluid'], "div-gpt-ad-VIDEO_INFEED-88420123-0").setTargeting("artid", "88420123").setTargeting("cat", ["security","security-management"]).setTargeting("tag", ["kubernetes","schwachstellen","security","sicherheit","windows"]).setTargeting("type", "post").setTargeting("min_width", minscreenwidth).setTargeting("job_description", u_job_description).setTargeting("company_size", u_company_size).setTargeting("industry", u_industry).setTargeting("company", u_company).addService(googletag.pubads());if(infinite_scroll == true){hutt_defineSlot_slot_object_infinite_scroll.push( slot );}var size = "['fluid']";size = size.replace(/s+/g, "");hutt_defineSlot["div-gpt-ad-VIDEO_INFEED-88420123-0"] = {};hutt_defineSlot["div-gpt-ad-VIDEO_INFEED-88420123-0"]["size"] = size;hutt_defineSlot_slot_object["div-gpt-ad-VIDEO_INFEED-88420123-0"] = {};hutt_defineSlot_slot_object["div-gpt-ad-VIDEO_INFEED-88420123-0"]["slot"] = slot;googletag.display("div-gpt-ad-VIDEO_INFEED-88420123-0");});} Entdeckt wurde die Anfälligkeit vom Akamai-Mitarbeiter Tomer Peled. Ihm zufolge kann die Schwachstelle durch eine einfache GET-Anfrage an den Remote-Knoten ausgelöst werden. Ein erfolgreicher Angriff könnte zur vollständigen Übernahme aller Windows-Knoten in einem Cluster führen. „Besonders beunruhigend ist, dass diese Schwachstelle auf Standardinstallationen von Kubernetes ausgenutzt werden kann, die sich entschieden haben, Beta-Funktionen zu verwenden, und in Versionen vor 1.32.1 implementiert ist. Dies wurde sowohl in lokalen Bereitstellungen als auch im Azure Kubernetes Service getestet“, teilte Akamai mit. Inzwischen steht ein Update für die Sicherheitslücke zur Verfügung. Nutzer sollten auf eine der fehlerbereinigten Versionen 1.32.1, 1.31.1, 1.30.9 oder 1.29.13 umsteigen. Zudem rät das Kubernetes Security Response Committee, die Logs von Windows-Knoten nach verdächtigen Einträgen zu durchsuchen, um mögliche Angriffe auf die Schwachstelle aufzudecken. Themenseiten: Kubernetes, Schwachstellen, Security, Sicherheit, Windows Fanden Sie diesen Artikel nützlich? var screensize = document.documentElement.clientWidth;if (screensize < 1800) {var minscreenwidth = "1280";} else {var minscreenwidth = "1920";}var u_company = "n/a";var u_job_description = "n/a";var u_company_size = "n/a";var u_industry = "n/a";if (kaminoCookie.getItem("ct_echo") != undefined) {var ct_echo = JSON.parse(kaminoCookie.getItem("ct_echo"));ct_echo.details = ct_echo.details || {};u_company = "n/a";u_job_description = ct_echo.details.jd || "n/a";u_company_size = ct_echo.details.ne || "n/a";u_industry = ct_echo.details.is || "n/a";}console.log("id:MOBILE_MPU-88420123-4");var scr = document.getElementById("MOBILE_MPU-88420123-4");var device = "mobile";if(dfp_device_view == device){var slot_div = document.createElement("div");slot_div.setAttribute("id", "div-gpt-ad-MOBILE_MPU-88420123-4");slot_div.setAttribute("class", "dfp_ad div-gpt-ad-MOBILE_MPU-4 mobile sticky-MOBILE_MPU-88420123-4");slot_div.setAttribute("height", "0");var word = "";if(word != ""){var slot_word_div = document.createElement("div");slot_word_div.setAttribute("class", "dfp_word");slot_word_div.innerHTML = word;slot_div.appendChild(slot_word_div);}scr.parentNode.insertBefore(slot_div, scr.nextSibling);googletag.cmd.push(function() {var infinite_scroll = false;if("" != ""){infinite_scroll = true;if(hutt_original_page_id != ""){hutt_original_page_id = "";hutt_defineSlot_slot_object_infinite_scroll = [];}}var slot = googletag.defineSlot("/16255858/zdnet/article/security/security-management",[[300, 250], [300, 600]], "div-gpt-ad-MOBILE_MPU-88420123-4").setTargeting("pos", 4).setTargeting("artid", "88420123").setTargeting("cat", ["security","security-management"]).setTargeting("tag", ["kubernetes","schwachstellen","security","sicherheit","windows"]).setTargeting("type", "post").setTargeting("min_width", minscreenwidth).setTargeting("job_description", u_job_description).setTargeting("company_size", u_company_size).setTargeting("industry", u_industry).setTargeting("company", u_company).addService(googletag.pubads());if(infinite_scroll == true){hutt_defineSlot_slot_object_infinite_scroll.push( slot );}var size = "[[300, 250], [300, 600]]";size = size.replace(/s+/g, "");hutt_defineSlot["div-gpt-ad-MOBILE_MPU-88420123-4"] = {};hutt_defineSlot["div-gpt-ad-MOBILE_MPU-88420123-4"]["size"] = size;hutt_defineSlot_slot_object["div-gpt-ad-MOBILE_MPU-88420123-4"] = {};hutt_defineSlot_slot_object["div-gpt-ad-MOBILE_MPU-88420123-4"]["slot"] = slot;googletag.display("div-gpt-ad-MOBILE_MPU-88420123-4");});} Whitepaper Gewinnen Sie Einblicke in die Bedrohungslage mit dem Elastic Global Threat Report 2024 01.01.1970, Elastic Gewinnen Sie Einblicke in die Bedrohungslage mit dem Elastic Global Threat Report 2024 01.01.1970, Elastic Intelligente Observability mit AIOps, generativer KI und Machine Learning 01.01.1970, Elastic » Alle Whitepaper … Artikel empfehlen: 0