I am currently playing with kubernetes and read about a security issue (cve-2018-18264) where it was possible to gain unauthorized access to the dashboards secrets (the certificate plus the RSA private key).
Now I am wondering how valuable the RSA private key and the certificate is for an attacker especially in kubernetes? Can someone tell me about?
How about if Diffie-Helman is used for key exchange?
As said on CVE-2018-18264: Kubernetes Dashboard TLS Certificate Leak.
Description
Kubernetes Dashboard before 1.10.1 allows attackers to bypass authentication and use Dashboard’s Service Account for reading secrets within the cluster.
So if You deployed an app, lets take this Mysql Wordpress deployment, attacker might gain access to your DB login and password.
Also if You are using secrets as authentication between application, attacker might use MITM attack.
DH is no longer considered as secure.
... However, research published in October 2015 suggests that the parameters in use for many DH Internet applications at that time are not strong enough to prevent compromise by very well-funded attackers, such as the security services of large governments.[3]
Paper talking about this is Imperfect Forward Secrecy: How Diffie-Hellman Fails in Practice