Versions < 1.5 of the Kubernetes ingress default backend, which handles invalid ingress traffic, exposed prometheus metrics publicly.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: kubernetes

Published: 2020-01-14T20:15:17.491462Z

Updated: 2024-09-16T21:07:22.919Z

Reserved: 2018-12-05T00:00:00

Link: CVE-2018-1002104

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2020-01-14T21:15:16.350

Modified: 2020-01-17T03:09:49.220

Link: CVE-2018-1002104

cve-icon Redhat

Severity : Low

Publid Date: 2020-01-15T00:00:00Z

Links: CVE-2018-1002104 - Bugzilla