cbcvebase.
CVE-2018-18264
published 2019-01-03

CVE-2018-18264: Kubernetes Dashboard before 1.10.1 allows attackers to bypass authentication and use Dashboard's Service Account for reading secrets within the cluster.

Priority: P2 (76, high)
CVSS 3.0: 7.5 (AV:N / AC:L / PR:N / UI:N / S:U / C:H / I:N / A:N)
EXPLOIT
EPSS: 70.37% (99.3rd percentile)

Affected (1 range)

Vendor      Product    Version range   Fixed in
kubernetes  dashboard  < 1.10.1        1.10.1

Detection & IOCs (extracted from sources)

URL: /api/v1/namespaces/kube-system/secrets/kubernetes-dashboard-certs
URL: /k8s/api/v1/namespaces/kube-system/secrets/kubernetes-dashboard-certs
  • Nuclei template matcher: an HTTP 200 response whose body contains both the 'apiVersion' and 'objectRef' strings indicates successful unauthenticated access to the Kubernetes Dashboard secrets endpoint
  • Trend Micro IPS rule 1009493 specifically covers CVE-2018-18264 Kubernetes Dashboard Authentication Bypass
  • Trend Micro Network Security rules 34487 (HTTP) and 34488 (HTTPS) detect Kubernetes Dashboard Authentication Bypass traffic
  • Shodan queries for exposed Kubernetes Dashboard instances that may be vulnerable
  • The vulnerability only affects Kubernetes Dashboard versions before 1.10.1; the fix was introduced in that release
  • The Nuclei template uses stop-at-first-match across the two URL paths, meaning only the first matching path is reported per scan
  • Red Hat confirmed this issue did not affect heketi shipped with Red Hat Gluster Storage 3, as it does not ship the Kubernetes Dashboard

CVSS provenance

NVD (v3.0): 7.5 HIGH · CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
NVD (v2.0): 5.0 MEDIUM · AV:N/AC:L/Au:N/C:P/I:N/A:N
Vendor (Red Hat): 7.5 HIGH