CVE-2020-8554 is a vulnerability that allows Kubernetes Services to intercept cluster traffic to any IP address. Users who can manage services can exploit the vulnerability to carry out man-in-the-middle (MITM) attacks against pods and nodes in the cluster. All Kubernetes versions including the latest release (v1.20) are vulnerable to this attack. If your cluster is multi-tenant, or allows unprivileged users to create and update services, you are impacted.
Since this is a major design flaw with no fix in sight, detecting exploitation attempts of this vulnerability is critical to preventing or stopping an attack. In this webinar, we will demonstrate several ways that Calico Enterprise’s runtime defense approach can help mitigate this unpatched vulnerability. You will learn:
A Calico Enterprise trial is available after this session and you will be able to practice these use cases on your own within a hosted lab.