Log

AVG-1663 edited at 11 Jun 2021 19:34:37
Status
- Vulnerable
+ Unknown
ASA-202106-30 edited at 11 Jun 2021 16:00:52
ASA-202106-29 edited at 11 Jun 2021 16:00:49
Workaround
- To mitigate this vulnerability without upgrading kube-apiserver, you can create a validating admission webhook that prevents EndpointSlices with endpoint addresses in the 127.0.0.0/8 and 169.254.0.0/16 ranges. If you have an existing admission policy mechanism (like OPA Gatekeeper) you can create a policy that enforces this restriction.
+ To mitigate this vulnerability without upgrading kube-apiserver, you
+ can create a validating admission webhook that prevents EndpointSlices
+ with endpoint addresses in the 127.0.0.0/8 and 169.254.0.0/16 ranges.
+ If you have an existing admission policy mechanism (like OPA
+ Gatekeeper) you can create a policy that enforces this restriction.
ASA-202106-28 edited at 11 Jun 2021 16:00:45
ASA-202106-27 edited at 11 Jun 2021 16:00:42
ASA-202106-26 edited at 11 Jun 2021 16:00:37
ASA-202106-25 edited at 11 Jun 2021 16:00:34
ASA-202106-24 edited at 11 Jun 2021 16:00:30
ASA-202106-23 edited at 11 Jun 2021 16:00:26
ASA-202106-22 edited at 11 Jun 2021 16:00:22