漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
kube-audit-rest's example logging configuration could disclose secret values in the audit log
Vulnerability Description
kube-audit-rest is a simple logger of mutation/creation requests to the k8s api. If the "full-elastic-stack" example vector configuration was used for a real cluster, the previous values of kubernetes secrets would have been disclosed in the audit messages. This vulnerability is fixed in 1.0.16.
CVSS Information
N/A
Vulnerability Type
信息暴露
Vulnerability Title
kube-audit-rest 安全漏洞
Vulnerability Description
kube-audit-rest是Richard Tweed个人开发者的一个 Kubernetes 审计日志记录。 kube-audit-rest 1.0.16之前版本存在安全漏洞,该漏洞源于如果将full-elastic-stack示例矢量配置用于真实集群,则kubernetes secrets的先前值将在审计消息中泄露。
CVSS Information
N/A
Vulnerability Type
N/A