K
Q

How valuable is the RSA private key in kubernetes for an attacker?

6/12/2019

I am currently playing with kubernetes and read about a security issue (cve-2018-18264) where it was possible to gain unauthorized access to the dashboards secrets (the certificate plus the RSA private key).

Now I am wondering how valuable the RSA private key and the certificate is for an attacker especially in kubernetes? Can someone tell me about?

How about if Diffie-Helman is used for key exchange?

-- ItFreak
kubernetes
rsa
security

Similar Questions

How can I use ingress with Haproxy on kuberenets cluster?
How to get the IP address from "docker-for-desktop" node?
How to configure the auto-generated istio-ingressgateway in GKE?
How to scale a Kubernetes cluster on GKE?

1 Answer

6/25/2019

As said on CVE-2018-18264: Kubernetes Dashboard TLS Certificate Leak.

Description

Kubernetes Dashboard before 1.10.1 allows attackers to bypass authentication and use Dashboard’s Service Account for reading secrets within the cluster.

So if You deployed an app, lets take this Mysql Wordpress deployment, attacker might gain access to your DB login and password.

Also if You are using secrets as authentication between application, attacker might use MITM attack.

DH is no longer considered as secure.

... However, research published in October 2015 suggests that the parameters in use for many DH Internet applications at that time are not strong enough to prevent compromise by very well-funded attackers, such as the security services of large governments.[3]

Paper talking about this is Imperfect Forward Secrecy: How Diffie-Hellman Fails in Practice

-- Crou
Source: StackOverflow