You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
1. Introduction
This report summarizes the vulnerabilities identified through the Prisma scan conducted.
The identified vulnerabilities have been categorized based on their severity levels, potential impacts, and recommended actions for remediation.
2. Vulnerabilities
2.1 Critical Vulnerabilities
Vulnerability: CVE-2020-8554
Description: Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the spec.externalIPs field, to intercept traffic to that IP address. Additionally, an attacker who is able to patch the status (which is considered a privileged operation and should not typically be granted to users) of a LoadBalancer service can set the status.loadBalancer.ingress.ip to similar effect.
2.2 High Vulnerabilities
Vulnerability: CVE-2023-50782
Description: A flaw was found in the python-cryptography package. This issue may allow a remote attacker to decrypt captured messages in TLS servers that use RSA key exchanges, which may lead to exposure of confidential or sensitive data.
2.3 High Vulnerabilities
Vulnerability: PRISMA-2022-0227
Description: github.com/emicklei/go-restful/v3 module prior to v3.10.0 is vulnerable to Authentication Bypass by Primary Weakness. There is an inconsistency in how go-restful parses URL paths. This inconsistency could lead to several security check bypass in a complex system.
3. How to reproduce it (as minimally and precisely as possible):
Scan your image via Prisma and you will see the issues.
See screenshot for more details
4. Conclusion
The Prisma scan identified several vulnerabilities in the environment.
Immediate attention should be given to critical and high-severity vulnerabilities to mitigate potential risks.
Medium and low-severity vulnerabilities should also be addressed in a timely manner to strengthen the security posture.
Continuous monitoring and regular vulnerability assessments are recommended to ensure ongoing security.
Please review this report and prioritize the remediation efforts accordingly.
The text was updated successfully, but these errors were encountered:
1. Introduction
This report summarizes the vulnerabilities identified through the Prisma scan conducted.
The identified vulnerabilities have been categorized based on their severity levels, potential impacts, and recommended actions for remediation.
2. Vulnerabilities
2.1 Critical Vulnerabilities
Vulnerability: CVE-2020-8554
Description: Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the spec.externalIPs field, to intercept traffic to that IP address. Additionally, an attacker who is able to patch the status (which is considered a privileged operation and should not typically be granted to users) of a LoadBalancer service can set the status.loadBalancer.ingress.ip to similar effect.
2.2 High Vulnerabilities
Vulnerability: CVE-2023-50782
Description: A flaw was found in the python-cryptography package. This issue may allow a remote attacker to decrypt captured messages in TLS servers that use RSA key exchanges, which may lead to exposure of confidential or sensitive data.
2.3 High Vulnerabilities
Vulnerability: PRISMA-2022-0227
Description: github.com/emicklei/go-restful/v3 module prior to v3.10.0 is vulnerable to Authentication Bypass by Primary Weakness. There is an inconsistency in how go-restful parses URL paths. This inconsistency could lead to several security check bypass in a complex system.
3. How to reproduce it (as minimally and precisely as possible):
Scan your image via Prisma and you will see the issues.
See screenshot for more details
4. Conclusion
The Prisma scan identified several vulnerabilities in the environment.
Immediate attention should be given to critical and high-severity vulnerabilities to mitigate potential risks.
Medium and low-severity vulnerabilities should also be addressed in a timely manner to strengthen the security posture.
Continuous monitoring and regular vulnerability assessments are recommended to ensure ongoing security.
Please review this report and prioritize the remediation efforts accordingly.
The text was updated successfully, but these errors were encountered: