Unauthenticated Execution Threatens Kubernetes Clusters
ID: 829df7c9-d0cb-5b0f-a8a7-f7afd2121425
STIX ID: report--829df7c9-d0cb-5b0f-a8a7-f7afd2121425
Feed Name: securityonline.info
Threat Score
A critical (CVSS 9.8) vulnerability in the Fission router allows unauthenticated attackers to invoke internal/private functions by accessing a public listener that exposes internal routes; upstream patched the issue in v1.23.0 (separating listeners and adding HMAC verification) and the report recommends immediate upgrades or network isolation and path-based filters as temporary mitigations.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.