{"vulnerability": "cve-2020-8554", "sightings": [{"uuid": "71c32e66-0e80-4eb1-b53a-f8a1dd10f3cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-8554", "type": "seen", "source": "https://gist.github.com/Roguito/7f72fca45d53171d1230f9efa2c72d96", "content": "", "creation_timestamp": "2025-05-11T20:08:23.000000Z"}, {"uuid": "4b161442-86a0-4da4-a3ac-8f6b69b0241f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-8554", "type": "seen", "source": "https://bsky.app/profile/mccune.org.uk/post/3mceryiqjcs25", "content": "", "creation_timestamp": "2026-01-14T09:46:56.653928Z"}, {"uuid": "08095d13-c757-4757-b6e3-822567984329", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-8554", "type": "seen", "source": "https://gist.github.com/alekseytivonchik/46cb258b9bbb5b22b16304f51b06dc3e", "content": "", "creation_timestamp": "2025-12-03T15:40:16.000000Z"}, {"uuid": "156a66d2-fee1-421a-a568-3f5cdcced9a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-8554", "type": "seen", "source": "https://bsky.app/profile/cyberresearch.bsky.social/post/3mcescpy2lh2c", "content": "", "creation_timestamp": "2026-01-14T09:52:37.049858Z"}, {"uuid": "f3f8ac43-9c9c-4527-8f9f-b6f590eb468a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-8554", "type": "seen", "source": "https://bsky.app/profile/eyalestrin.bsky.social/post/3mceuy2fbwe2p", "content": "", "creation_timestamp": "2026-01-14T10:40:19.783685Z"}, {"uuid": "e7eccf2f-77dd-4ba7-9386-39273ca5b887", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-8554", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mcj2c5jber23", "content": "", "creation_timestamp": "2026-01-16T02:26:07.581133Z"}, {"uuid": "6880e5c5-09a5-479b-8c5a-983569b8a4b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-8554", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mcgjrxmgpm2w", "content": "", "creation_timestamp": "2026-01-15T02:25:24.078486Z"}, {"uuid": "6dc110ba-3d45-4f51-8717-2cb42b10b370", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-8554", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mco3cxwc7i2n", "content": "", "creation_timestamp": "2026-01-18T02:27:46.693694Z"}, {"uuid": "ec1b025f-e3a9-4b86-9166-48cefd8c8dd4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-8554", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mcqlrxhzfa2a", "content": "", "creation_timestamp": "2026-01-19T02:27:48.873753Z"}, {"uuid": "3bf8792e-09d7-4bcc-9abe-8df9c4f79552", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-8554", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mclkjdwieu2a", "content": "", "creation_timestamp": "2026-01-17T02:21:47.687161Z"}, {"uuid": "4f063c98-923f-4c82-8a57-205ee90fbdb3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-8554", "type": "seen", "source": "https://t.me/arpsyndicate/1908", "content": "#ExploitObserverAlert\n\nCVE-2020-8554\n\nDESCRIPTION: Exploit Observer has 45 entries related to CVE-2020-8554. Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the spec.externalIPs field, to intercept traffic to that IP address. Additionally, an attacker who is able to patch the status (which is considered a privileged operation and should not typically be granted to users) of a LoadBalancer service can set the status.loadBalancer.ingress.ip to similar effect.\n\nFIRST-EPSS: 0.002380000\nNVD-IS: 3.4\nNVD-ES: 1.6", "creation_timestamp": "2023-12-18T04:09:52.000000Z"}, {"uuid": "e9c24cdd-bb5b-4e2a-80da-e728f62a4935", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-8554", "type": "published-proof-of-concept", "source": "https://t.me/k8security/161", "content": "CVE-2020-8554: Man-in-the-middle using LoadBalancer or ExternalIPs\n\n\u041f\u043e\u0447\u0438\u0442\u0430\u0432 \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043c\u043d\u043e\u0433\u0438\u0435 \u0438\u0437 \u0432\u0430\u0441, \u043c\u043e\u0433\u0443\u0442 \u0437\u0430\u0434\u0430\u0442\u044c\u0441\u044f \u0432\u043e\u043f\u0440\u043e\u0441\u043e\u043c: \"\u041f\u0440\u0430\u0432\u0434\u0430 CVE??!\".\n\n\u0421\u0443\u0442\u044c \u0432 \u0442\u043e\u043c, \u0447\u0442\u043e LoadBalancer \u0434\u0435\u043b\u0430\u0435\u0442 \u0442\u043e, \u0434\u043b\u044f \u0447\u0435\u0433\u043e \u0438 \u043f\u0440\u0435\u0434\u043d\u0430\u0437\u043d\u0430\u0447\u0435\u043d. \u0415\u043c\u0443 \u0443\u043a\u0430\u0437\u0430\u043b\u0438 IP \u0434\u043b\u044f LoadBalancer \u0438 \u0431\u044d\u043a\u0430\u043d\u0434\u0430 - \u043e\u043d \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u0438\u0445, \u043d\u0435 \u043f\u0440\u043e\u0432\u0435\u0440\u044f\u044f \u0438 \u043d\u0435 \u0437\u043d\u0430\u044f \u043e \u0434\u043e\u043f\u0443\u0441\u0442\u0438\u043c\u044b\u0445 \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u044f\u0445. \u0410 \u0442\u0430\u043a \u0430\u0432\u0442\u043e\u0440 PoC \u043f\u0440\u0435\u0434\u043b\u0430\u0433\u0430\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u0430\u043d\u043d\u043e\u0435 \u0441\u0432\u043e\u0439\u0441\u0442\u0432\u043e \u0434\u043b\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f LoadBalancer \u043a\u0430\u043a MITM \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442, \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u044f \u043d\u0430 \u0441\u0432\u043e\u0439 \u043f\u043e\u0434\u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c\u043d\u044b\u0439 Pod. \u0422\u0430\u043a\u043e\u0435 \u0441\u0432\u043e\u0439\u0441\u0442\u0432\u043e \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e \u0441 2016 \u0433\u043e\u0434\u0430 \u0435\u0441\u043b\u0438 \u0447\u0442\u043e. \u0412\u0441\u0435 \u0434\u0435\u0442\u0430\u043b\u0438 \u0434\u0430\u043d\u043d\u043e\u0433\u043e \u043f\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u044f/\u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u043c\u043e\u0436\u043d\u043e \u043f\u0440\u043e\u0447\u0438\u0442\u0430\u0442\u044c \u0432 \u044d\u0442\u043e\u043c \u043a\u043e\u0440\u043e\u0442\u043a\u043e\u043c \u0438 \u0435\u043c\u043a\u043e\u043c \u0442\u0440\u0435\u0434\u0435. \u0410 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043a\u0430\u043a \u0432\u0441\u0435\u0433\u0434\u0430 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0440\u0435\u0448\u0435\u043d\u0430 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e admission controllers ;)\n\n\u0422\u0430\u043a \u0447\u0442\u043e \u043d\u0435 \u043f\u0443\u0433\u0430\u0439\u0442\u0435\u0441\u044c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0432 \u043a\u043e\u043d\u0446\u0435 \u043f\u0430\u0441\u043f\u043e\u0440\u0442\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438: \"This issue is a design flaw that cannot be mitigated without user-facing changes.\"", "creation_timestamp": "2020-12-08T07:29:21.000000Z"}, {"uuid": "78be0707-04cb-4361-80f3-d3ed44e91dae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-8554", "type": "seen", "source": "https://t.me/k8security/169", "content": "\u041a\u0440\u043e\u0445\u043e\u0442\u043d\u0430\u044f \u0437\u0430\u043c\u0435\u0442\u043a\u0430 \u043e\u0442 \u0430\u0432\u0442\u043e\u0440\u043e\u0432 \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u043f\u043b\u0430\u0433\u0438\u043d\u0430 Cilium \u043e \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0434\u0430\u043d\u043d\u043e\u0433\u043e CNI \u0438\u0437 \u043a\u043e\u0440\u043e\u0431\u043a\u0438 \u0440\u0430\u0431\u043e\u0442\u0430\u0442\u044c \u0431\u0435\u0437 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f kube-proxy \u0438 \u0442\u0435\u043c \u0441\u0430\u043c\u044b\u043c \u0431\u044b\u0442\u044c \u043d\u0435 \u043f\u043e\u0434\u0432\u0435\u0440\u0436\u0435\u043d\u043d\u044b\u043c MitM \u0430\u0442\u0430\u043a\u0435 \u0438\u0437-\u0437\u0430 CVE-2020-8554: \"we don't translate an ExternalIP address for traffic sourced from pods unless the ExternalIP is associated with a known node.\"\n\n\u0415\u0449\u0435 \u0432 \u0437\u0430\u043c\u0435\u0442\u043a\u0435 \u043d\u0435\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0449\u0438\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u043e MitM \u0430\u0442\u0430\u043a\u0430\u0445 \u0432 Kubernetes.  \u0422\u0430\u043a\u0436\u0435 \u043d\u0435\u043c\u043d\u043e\u0433\u043e \u0440\u0430\u0437\u0433\u043e\u0432\u043e\u0440\u0430 \u043e Zero Trust Networking \u0438 \u0442\u043e, \u0447\u0442\u043e \u043e\u043d\u0438 \u0441\u0442\u0430\u0440\u0430\u044e\u0442\u0441\u044f \u0441\u043c\u044f\u0433\u0447\u0438\u0442\u044c \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u043e\u0431\u0449\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0445 MitM \u0430\u0442\u0430\u043a (\u043d\u0430\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u044d\u0442\u043e \u043f\u0440\u0430\u0432\u0434\u0430 \u0435\u0449\u0435 \u043d\u0443\u0436\u043d\u043e \u043f\u043e\u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u044c).\n\n\u041d\u0430\u043f\u043e\u043c\u043d\u044e, \u0447\u0442\u043e Cilium \u0431\u0430\u0437\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u043d\u0430 \u0442\u0435\u0445\u043d\u043e\u043b\u043e\u0433\u0438\u0438 eBPF.", "creation_timestamp": "2020-12-18T07:35:07.000000Z"}, {"uuid": "4d462706-444c-4ec3-90d8-934beb7cf6b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-8554", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mct45zzhev23", "content": "", "creation_timestamp": "2026-01-20T02:26:13.498831Z"}, {"uuid": "4db07fda-045f-44f6-9c1a-5becad17a819", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-8554", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mcvmpbrrar2g", "content": "", "creation_timestamp": "2026-01-21T02:27:31.410013Z"}, {"uuid": "9ad937c7-c56e-4e05-bccc-e660cf179ba5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-8554", "type": "published-proof-of-concept", "source": "https://t.me/cKure/3407", "content": "\u25a0\u25a0\u25a0\u25a1\u25a1 Protecting Against an Unfixed Kubernetes Man-in-the-Middle Vulnerability (CVE-2020-8554).\n\nhttps://unit42.paloaltonetworks.com/cve-2020-8554/", "creation_timestamp": "2020-12-22T21:10:00.000000Z"}, {"uuid": "ca80b71d-412b-4b50-b78f-90deea4b27b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-8554", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/2302", "content": "Detect and Block Exploit Attempts for Kubernetes Vulnerability: CVE-2020-8554 - MiTM Attack Using Kubernetes Service Resources\nhttps://blog.alcide.io/kubernetes-vulnerability-cve-2020-8554\n]-&gt; PoC:\nhttps://blog.champtar.fr/K8S_MITM_LoadBalancer_ExternalIPs\n]-&gt; Detect CVE-2020-8554 using Falco:\nhttps://sysdig.com/blog/detect-cve-2020-8554-using-falco", "creation_timestamp": "2021-03-13T17:59:21.000000Z"}, {"uuid": "9d593f6c-654d-4caf-b228-3220d779f2db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-8554", "type": "seen", "source": "https://t.me/cibsecurity/22504", "content": "\u203c CVE-2020-8554 \u203c\n\nKubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the spec.externalIPs field, to intercept traffic to that IP address. Additionally, an attacker who is able to patch the status (which is considered a privileged operation and should not typically be granted to users) of a LoadBalancer service can set the status.loadBalancer.ingress.ip to similar effect.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-01-21T20:28:23.000000Z"}, {"uuid": "b2e36042-194e-4cb4-ad80-fb16959c21a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-8554", "type": "seen", "source": "https://t.me/ls_la_xyz/492", "content": "\u26a1\ufe0f\u041f\u043e\u0434\u0431\u043e\u0440\u043a\u0430 \u0433\u043b\u0430\u0432\u043d\u044b\u0445 \u043d\u043e\u0432\u043e\u0441\u0442\u0435\u0439 \u0437\u0430 23 \u0434\u0435\u043a\u0430\u0431\u0440\u044f\u26a1\ufe0f\n\n\ud83d\udcc2 \u0423\u0442\u0435\u0447\u043a\u0430 \u0434\u0430\u043d\u043d\u044b\u0445 500 \u0413\u0411.\n\u0411\u0430\u0437\u0430 \u0434\u0430\u043d\u043d\u044b\u0445 \u0440\u0430\u0437\u043c\u0435\u0440\u043e\u043c 500 \u0413\u0411, \u043f\u0440\u0438\u043d\u0430\u0434\u043b\u0435\u0436\u0430\u0449\u0430\u044f USB Insurance Services, \u0431\u0435\u0441\u043f\u043b\u0430\u0442\u043d\u043e \u043f\u0440\u043e\u0441\u043e\u0447\u0438\u043b\u0430\u0441\u044c \u0432 \u0441\u0435\u0442\u044c \u043d\u0430 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u043e\u043c \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u043e\u043c \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u043e\u043c \u0444\u043e\u0440\u0443\u043c\u0435. \u042d\u0442\u0438 \u0434\u0430\u043d\u043d\u044b\u0435 \u0432\u043a\u043b\u044e\u0447\u0430\u044e\u0442 \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u043e\u0432, \u0442\u0430\u043a\u0438\u0445 \u043a\u0430\u043a \u043d\u043e\u043c\u0435\u0440\u0430 \u0441\u043e\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0441\u0442\u0440\u0430\u0445\u043e\u0432\u0430\u043d\u0438\u044f \u0438 \u043e\u0441\u0442\u0430\u0442\u043a\u0438 \u043d\u0430 \u0441\u0447\u0435\u0442\u0430\u0445.\n\n\ud83c\uddfa\ud83c\uddf8 \u041f\u043e\u0441\u0442\u0440\u0430\u0434\u0430\u0432\u0448\u0438\u0439 \u0433\u043e\u0440\u043e\u0434 \u042d\u043b\u043b\u0435\u043d\u0441\u0431\u0443\u0440\u0433.\n\u041e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0435 \u043b\u0438\u0446\u0430 \u0433\u043e\u0440\u043e\u0434\u0430 \u042d\u043b\u043b\u0435\u043d\u0441\u0431\u0443\u0440\u0433 , \u0448\u0442\u0430\u0442 \u0412\u0430\u0448\u0438\u043d\u0433\u0442\u043e\u043d, \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u043b\u0438, \u0447\u0442\u043e \u043e\u043d\u0438 \u0441\u0442\u0430\u043b\u0438 \u0436\u0435\u0440\u0442\u0432\u043e\u0439 \u0430\u0442\u0430\u043a\u0438 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c-\u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u0439. \u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u0430\u0442\u0430\u043a\u0438 \u043f\u043e\u043a\u0430 \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b. \u041e\u0434\u043d\u0430\u043a\u043e \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442\u0441\u044f, \u0447\u0442\u043e \u043f\u043e\u0441\u0442\u0440\u0430\u0434\u0430\u043b\u0438 \u0432\u0441\u0435 \u0433\u043e\u0440\u043e\u0434\u0441\u043a\u0438\u0435 \u0434\u0435\u043f\u0430\u0440\u0442\u0430\u043c\u0435\u043d\u0442\u044b. \u042d\u0442\u043e \u0432\u043a\u043b\u044e\u0447\u0430\u0435\u0442 \u0432 \u0441\u0435\u0431\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u0432\u044b\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0441\u0447\u0435\u0442\u043e\u0432 \u0437\u0430 \u043a\u043e\u043c\u043c\u0443\u043d\u0430\u043b\u044c\u043d\u044b\u0435 \u0443\u0441\u043b\u0443\u0433\u0438, \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0435 \u0438 \u0444\u0438\u043d\u0430\u043d\u0441\u043e\u0432\u044b\u0435 \u0443\u0441\u043b\u0443\u0433\u0438. \u0412 \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u0435 \u0432\u0440\u0435\u043c\u044f \u0433\u043e\u0440\u043e\u0434 \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u0441 \u043c\u0435\u0441\u0442\u043d\u044b\u043c\u0438 \u0438 \u0444\u0435\u0434\u0435\u0440\u0430\u043b\u044c\u043d\u044b\u043c\u0438 \u043f\u0440\u0430\u0432\u043e\u043e\u0445\u0440\u0430\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u043c\u0438 \u043e\u0440\u0433\u0430\u043d\u0430\u043c\u0438 \u0434\u043b\u044f \u043e\u0446\u0435\u043d\u043a\u0438 \u0441\u0438\u0442\u0443\u0430\u0446\u0438\u0438.\n\n\ud83e\udde8 EXMO \u0432\u0437\u043b\u043e\u043c\u0430\u043d.\n\u0411\u0440\u0438\u0442\u0430\u043d\u0441\u043a\u0430\u044f \u0431\u0438\u0440\u0436\u0430 \u043a\u0440\u0438\u043f\u0442\u043e\u0432\u0430\u043b\u044e\u0442 EXMO \u0431\u044b\u043b\u0430 \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0432\u044b\u0432\u0435\u043b\u0438 \u043f\u043e\u0447\u0442\u0438 5% \u0432\u0441\u0435\u0445 \u0430\u043a\u0442\u0438\u0432\u043e\u0432 \u043f\u043e\u0441\u043b\u0435 \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438 \u0435\u0435 \u0433\u043e\u0440\u044f\u0447\u0438\u0445 \u043a\u043e\u0448\u0435\u043b\u044c\u043a\u043e\u0432.\n\n\u2692 \u041d\u0435\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0439 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a Kubernetes.\n\u041a\u043e\u043c\u0438\u0442\u0435\u0442 \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Kubernetes \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0435\u0449\u0435 \u043d\u0435 \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430, \u0441 \u043f\u0440\u0438\u0441\u0432\u043e\u0435\u043d\u0438\u0435\u043c CVE-2020-8554. \u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a \u043f\u0440\u043e\u0438\u0441\u0442\u0435\u043a\u0430\u0435\u0442 \u0438\u0437 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u0434\u0432\u0443\u0445 \u0444\u0443\u043d\u043a\u0446\u0438\u0439 Kubernetes Services: \u0432\u043d\u0435\u0448\u043d\u0438\u0445 IP-\u0430\u0434\u0440\u0435\u0441\u043e\u0432 \u0438 IP-\u0430\u0434\u0440\u0435\u0441\u043e\u0432 \u0431\u0430\u043b\u0430\u043d\u0441\u0438\u0440\u043e\u0432\u0449\u0438\u043a\u0430 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438. \u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0434\u043b\u044f \u0437\u0430\u043f\u0443\u0441\u043a\u0430 MITM-\u0430\u0442\u0430\u043a \u0438 \u0441\u0431\u043e\u0440\u0430 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0438\u0437 \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u0442\u0440\u0430\u0444\u0438\u043a\u0430.\n\n\ud83c\udf10 \u0424\u0438\u0448\u0438\u043d\u0433\u043e\u0432\u0430\u044f \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u044f\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u043d\u043e\u0432\u0443\u044e \u0444\u0438\u0448\u0438\u043d\u0433\u043e\u0432\u0443\u044e \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u044e, \u0432 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0435 \u044f\u043a\u043e\u0431\u044b \u043e\u0442 \u041c\u0438\u043d\u0438\u0441\u0442\u0435\u0440\u0441\u0442\u0432\u0430 \u0442\u0440\u0443\u0434\u0430 \u041d\u044c\u044e-\u0419\u043e\u0440\u043a\u0430. \u041e\u0441\u043d\u043e\u0432\u043d\u0430\u044f \u0446\u0435\u043b\u044c \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438 - \u0437\u0430\u0441\u0442\u0430\u0432\u0438\u0442\u044c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0434\u0435\u043b\u0438\u0442\u044c\u0441\u044f \u0441\u0432\u043e\u0435\u0439 \u043b\u0438\u0447\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0435\u0439 \u0441 \u043c\u043e\u0448\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438. \u0427\u0442\u043e\u0431\u044b \u0441\u0434\u0435\u043b\u0430\u0442\u044c \u0435\u0433\u043e \u0431\u043e\u043b\u0435\u0435 \u0443\u0431\u0435\u0434\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u043c, \u043f\u0438\u0441\u044c\u043c\u043e \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u0441 \u0430\u0434\u0440\u0435\u0441\u0430 \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0442\u0435\u043b\u044f \u2018noreply@labor[.]ny.gov\u2019. \u0412 \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0438 \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0430\u0435\u0442\u0441\u044f, \u0447\u0442\u043e \u043f\u0440\u0430\u0432\u0438\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u043e \u0432\u044b\u0434\u0435\u043b\u0438\u0442 600 \u0434\u043e\u043b\u043b\u0430\u0440\u043e\u0432 \u0434\u043b\u044f \u0442\u0435\u0445, \u043a\u0442\u043e \u0437\u0430\u043f\u043e\u043b\u043d\u0438\u0442 \u0443\u043a\u0430\u0437\u0430\u043d\u043d\u0443\u044e \u0444\u043e\u0440\u043c\u0443.", "creation_timestamp": "2020-12-23T20:00:19.000000Z"}]}