Palo Alto Networks

Vulnerability Exposed

New Vulnerability in Kubernetes CVE-2022-3172

On September 16th, CVE-2022-3172, a medium-severity vulnerability (CVSS score of 5.1) in the Kubernetes API server, was published. It is an open redirect vulnerability that allows an aggregated API server to redirect client requests, which could lead to credential theft and information leakage.

The vulnerability could be exploited by a compromised aggregated API server that will return a redirect response to the client, causing the client to ...

Oct 07, 2022
