Cloudy infosec outfit Wiz has discovered serious vulnerabilities in the admission controller component of Ingress-Nginx Controller that could allow the total takeover of Kubernetes clusters.
More than 6,000 deployments of Ingress-Nginx Controller are at risk on the internet.
An attacker can execute arbitrary code and access all cluster secrets across namespaces, leading to complete cluster takeover.
Wiz recommends upgrading to the fixed versions. Those unable to upgrade immediately should enforce strict network policies and temporarily disable the admission controller component of Ingress-Nginx.
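
One way to express the network-policy mitigation, as an added example that is not from Wiz or the ingress-nginx project: a single NetworkPolicy that leaves proxied HTTP/HTTPS traffic open but lets only the Kubernetes API server reach the admission webhook port. It assumes the Helm chart's default namespace, pod labels and webhook port (8443); the policy name is hypothetical and the CIDR is a placeholder for your control-plane address range.

```yaml
# Added example; not the project's own manifest.
# Assumptions: namespace, pod labels and webhook port 8443 are the Helm chart
# defaults; 192.0.2.0/28 is a placeholder for the control-plane address range.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: restrict-admission-webhook   # hypothetical name
  namespace: ingress-nginx
spec:
  # Select only the controller pods, which host the admission webhook.
  podSelector:
    matchLabels:
      app.kubernetes.io/name: ingress-nginx
      app.kubernetes.io/component: controller
  policyTypes:
    - Ingress
  ingress:
    # Normal proxied traffic: HTTP and HTTPS from any source.
    - ports:
        - protocol: TCP
          port: 80
        - protocol: TCP
          port: 443
    # Admission webhook: reachable only from the API server's addresses.
    - from:
        - ipBlock:
            cidr: 192.0.2.0/28   # placeholder, replace with your control-plane range
      ports:
        - protocol: TCP
          port: 8443
    # Any other port on these pods (for example a metrics port) is now closed
    # to pod-network sources unless another rule or policy allows it.
```

This only takes effect on a CNI that enforces NetworkPolicy, and the source address the API server's webhook calls arrive from varies by cluster, so confirm that creating an Ingress still passes validation after applying it.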