Описание
kube-audit-rest is a simple logger of mutation/creation requests to the k8s api. If the "full-elastic-stack" example vector configuration was used for a real cluster, the previous values of kubernetes secrets would have been disclosed in the audit messages. This vulnerability is fixed in 1.0.16.
EPSS
Процентиль: 15%
0.00048
Низкий
Дефекты
CWE-200
Связанные уязвимости
github
около 1 года назад
kube-audit-rest's example logging configuration could disclose secret values in the audit log
EPSS
Процентиль: 15%
0.00048
Низкий
Дефекты
CWE-200