Information Disclosure Vulnerability in Kubernetes API Server

Information Disclosure Vulnerability in Kubernetes API Server

CVE-2016-5392 · MEDIUM Severity

AV:N/AC:L/AU:S/C:C/I:N/A:N

The API server in Kubernetes, as used in Red Hat OpenShift Enterprise 3.2, in a multi tenant environment allows remote authenticated users with knowledge of other project names to obtain sensitive project and user information via vectors related to the watch-cache list.

Learn more about our Cis Benchmark Audit For Kubernetes.