Advanced

RCE in NGINX on Kubernetes: What You Should Know

All four stem from insufficient sanitization of user-controllable input — either ingress annotation values or admission review requests — that the ingress controller passes through into i...

Kubernetes (K8s) is a platform that manages and scales containers — self-contained software packages that run consistently regardless of where they are deployed. It allows complex applications to run across large numbers of servers without requiring manual, hands-on management of every component.

Because the ingress controller sits at the very edge of the cluster's infrastructure and is frequently exposed directly to the internet, any vulnerability in it — especially one enabling remote code execution — is extremely serious. A compromised ingress controller effectively hands an attacker the keys to route and manipulate traffic destined for everything running inside the cluster.

Four related CVEs were disclosed together and collectively became known as "Ingress Nightmare." At their core, these vulnerabilities are misconfigurations that allow attackers to inject malicious configuration into NGINX, which can ultimately lead to remote code execution.

Sign in to read this course

A free account unlocks all 514 courses. 20 are readable without one.

What's inside

3 sections
  1. 1 Table of Contents
  2. 2 Module 1: The Ingress Nightmare Vulnerability Chain
  3. 3 Summary

More Vulnerability Briefings courses

View all 30

Interested in this course?

Contact us to book it or get a custom training plan for your team.