Azure / AKS

Azure Kubernetes Service
https://azure.github.io/AKS/

WireServing Defense in Depth #4503

Open miwithro opened 2 weeks ago

miwithro commented 2 weeks ago

The WireServing bug can be exploited by leveraging an AKS cluster that uses the Azure CNI for network configuration and Azure network policy (NPM). The attack hinges on a TLS bootstrap attack targeting the tokens used for securely joining nodes to a Kubernetes cluster.

AKS Information

In the 2024.07.16 Release, Azure Container Networking updated the iptables rules in AKS clusters with Azure Network Policy Manager to block pod access to wireserver.
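A node-side check for the mitigation described above, as an added example that is not part of the issue or of AKS's own code: it walks a chain from `iptables-save` output in first-match order and reports whether forwarded TCP traffic to wireserver is unconditionally blocked before any rule could allow it. Assumptions not taken from the issue: wireserver is Azure's documented address 168.63.129.16, the rule sits in the filter table's FORWARD chain, and the sample ruleset is constructed.

```python
import ipaddress
import shlex

# Assumptions (not from the issue): wireserver is Azure's documented address
# 168.63.129.16; the blocking rule sits in the filter table's FORWARD chain.
WIRESERVER = ipaddress.ip_address("168.63.129.16")
BLOCK = {"DROP", "REJECT"}
TAKES_VALUE = {"-A", "-d", "-p", "--dport", "-j", "--comment", "--reject-with"}

def parse_rule(line):
    """Split one iptables-save rule; any matcher not modelled here sets 'extra'."""
    tok = shlex.split(line.replace("-m tcp ", "").replace("-m comment ", ""))
    rule, i = {"extra": False}, 0
    while i < len(tok):
        if tok[i] in TAKES_VALUE and i + 1 < len(tok):
            rule[tok[i]] = tok[i + 1]
            i += 2
        else:
            rule["extra"] = True  # -s, -i, --ctstate ...: a conditional rule
            i += 3 if tok[i] == "!" else 1  # drop a negated matcher and its value
    return rule

def covers(r, port):
    """True when the rule's -p/-d/--dport matchers include wireserver:port."""
    lo, sep, hi = r.get("--dport", "0:65535").partition(":")
    net = ipaddress.ip_network(r.get("-d", "0.0.0.0/0"), strict=False)
    return (r.get("-p", "tcp") in ("tcp", "all") and WIRESERVER in net
            and int(lo or 0) <= port <= int(hi or (65535 if sep else lo)))

def verdict(save_text, port, chain="FORWARD"):
    """First-match walk of one filter chain: 'blocked', 'allowed' or 'unverified'."""
    in_filter = False
    for line in map(str.strip, save_text.splitlines()):
        if line.startswith("*"):
            in_filter = line == "*filter"
        if not (in_filter and line.startswith(f"-A {chain} ")):
            continue
        r = parse_rule(line)
        target, sure = r.get("-j"), not r["extra"]
        if not covers(r, port) or (target in BLOCK and not sure):
            continue  # irrelevant rule, or a conditional block that proves nothing
        if target in BLOCK:
            return "blocked"
        return "allowed" if target == "ACCEPT" and sure else "unverified"
    return "unverified"  # fell through to the chain policy, which is not modelled

# Constructed iptables-save excerpt (not captured from a real node).
SAMPLE = """*filter
-A FORWARD -d 168.63.129.16/32 -p tcp -m tcp --dport 80 -j DROP
-A FORWARD -j KUBE-FORWARD
COMMIT"""
```

On a node, pass the output of `iptables-save` to `verdict` once per wireserver port (80 and 32526 are the documented ones, an assumption here since the issue names no ports). Anything other than `blocked` means the ruleset needs a manual look, because jumps to other chains and conditional rules are not followed.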

microsoft-github-policy-service[bot] commented 2 weeks ago

@miwithrow, @CocoWang-wql would you be able to assist?

miwithro commented 2 weeks ago

No customer action required.