ASA-202111-7 - log back

ASA-202111-7 edited at 19 Nov 2021 09:49:53
Workaround
- This issue cannot be fixed solely by upgrading kubectl-ingress-nginx. To mitigate, set allow-snippet-annotations to false in your ingress-nginx ConfigMap based on how you deploy ingress-nginx, see the references for more information.
+ This issue cannot be fixed solely by upgrading kubectl-ingress-nginx.
+ To mitigate, set allow-snippet-annotations to false in your ingress-
+ nginx ConfigMap based on how you deploy ingress-nginx, see the
+ references for more information.
ASA-202111-7 edited at 18 Nov 2021 10:28:42
Workaround
+ This issue cannot be fixed solely by upgrading kubectl-ingress-nginx. To mitigate, set allow-snippet-annotations to false in your ingress-nginx ConfigMap based on how you deploy ingress-nginx, see the references for more information.
Impact
+ An authenticated remote attacker could disclose all secrets in the cluster.
ASA-202111-7 created at 18 Nov 2021 10:26:56