Why Tanzu
製品
サービス
お客様の声
リソース
お問い合わせ
サポート
サインイン

製品

A portfolio of products and services for modernizing applications and infrastructure

Build better apps

Application Service
A modern app platform
Build Service
Container creation and management
Application Catalog
Production-ready open-source containers

Simplify cloud ops

Kubernetes Grid
Enterprise-ready runtime
Mission Control
Centralized cluster management
Observability
Modern app monitoring and analytics
Service Mesh
App-wide networking and control

Cloud native Java development

OpenJDK, Spring, Apache Tomcat support

CI/CD

Concourse
Delivery pipeline automation

Data Services

GemFire
In-memory data store for microservices
Greenplum
Data warehouse for converged analytics
Postgres
Packaged and supported Postgres
RabbitMQ
Cloud native message broker

サービス
Pivotal Labs
Build Apps
Deliver new apps users love
Modernize Apps
Re-architect valuable legacy apps
プラットフォーム
Apply the new rules of ops
Education
Build your cloud native skills

All Vulnerability Reports

Kubernetes API Server acts as proxy for internal and external IPs

Severity

Unspecified

Description

Kubernetes API, versions 1.11.x prior to 1.11.6, 1.12.x prior to 1.12.4, contains an improper proxy. A remote authenticated user is able to send HTTP requests through the Kubernetes API server within the server's network.

Affected Pivotal Products and Versions

Severity is unspecified unless otherwise noted.

Pivotal Container Service (PKS)
- versions 1.2.x prior to 1.2.5

Mitigation

Users of affected versions should apply the following mitigation:

Pivotal recommends upgrading the following releases:
- Pivotal Container Service (PKS)
  - Upgrade 1.2.x versions to 1.2.5 or greater

References

History

2019-01-08: Initial vulnerability report published.