漏洞描述
ovn-kubernetes是OVN开源的一个基于开放虚拟网络(OVN)并提供基于覆盖的网络实现。 ovn-kubernetes 存在安全漏洞,系统管理员或特权攻击者利用该漏洞创建一个出口网络策略,绕过集群中其他pod的现有入口策略,从而允许网络流量访问不该访问的pod,导致信息泄露。
ovn-kubernetes 安全特征问题漏洞
PoC代码
暂无相关漏洞推荐
- POC kubernetes-dashboard-enabled: Kubernetes Dashboard for ACK Clusters - Enabled
- POC eks-kubernetes-secrets-encryption: EKS Kubernetes Secrets not Encrypted
- POC azure-aks-kubernetes-version-outdated: Azure AKS Kubernetes Version Not Latest
- POC kubernetes-metrics: Detect Kubernetes Exposed Metrics
- POC kubernetes-unauth: kubernetes Unauth
- POC kubernetes-exposing-docker-socket-hostpath: Kubernetes Exposing Host's Docker Socket
- POC kubernetes-pods-api: Kubernetes Pods - API Discovery & Remote Code Execution
- POC kubernetes-web-view: Kubernetes Local Cluster Web View Panel- Detect
- POC kubernetes-kustomization-disclosure: Kubernetes Kustomize Configuration - Detect
- POC kubernetes-etcd-keys: Kubernetes etcd Keys - Exposure
- POC kubernetes-metrics: Detect Kubernetes Exposed Metrics
- POC kubernetes-pods-api: Kubernetes Pods - API Discovery & Remote Code Execution
- POC kubernetes-resource-report: Detect Overview Kubernetes Resource Report