Kubernetes API Server Vulnerability: Unauthorized Access to Resources via Crafted Patched Object

Kubernetes API Server Vulnerability: Unauthorized Access to Resources via Crafted Patched Object

CVE-2016-1905 · MEDIUM Severity

AV:N/AC:L/AU:S/C:N/I:P/A:N

The API server in Kubernetes does not properly check admission control, which allows remote authenticated users to access additional resources via a crafted patched object.

Learn more about our Cis Benchmark Audit For Kubernetes.