Abusing ETCD to Inject Resources and Bypass RBAC and Admission Controller Restrictions
Tags
attack-pattern: Data Credentials - T1589.001 Server - T1583.004 Server - T1584.004 Connection Proxy - T1090
Show in Graph
Common Information
Type Value
UUID 59e6472f-1439-4b55-b0c2-8e9eca8dd07f
Fingerprint 368ec6154ea51594
Analysis status DONE
Considered CTI value 0
Text language
Published Jan. 16, 2023, 2:59 p.m.
Added to db Jan. 16, 2023, 4:44 p.m.
Last updated Nov. 20, 2024, 7:40 a.m.
Headline Abusing ETCD to Inject Resources and Bypass RBAC and Admission Controller Restrictions
Title Abusing ETCD to Inject Resources and Bypass RBAC and Admission Controller Restrictions
Detected Hints/Tags/Attributes 30/1/10
Source URLs
Redirection Url
Details Source https://lobuhisec.medium.com/using-etcd-to-inject-resources-and-bypass-rbac-and-admission-controller-restrictions-f240ae31e7f0?source=rss------cybersecurity-5
URL Provider
Details Provider Source level domain
Details medium.com lobuhisec.medium.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 167 Cybersecurity on Medium https://medium.com/feed/tag/cybersecurity 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Domain 3 
node.kubernetes.io
Details Domain 41 
docker.io
Details File 32 
ca.crt
Details File 12 
server.crt
Details File 18 
server.key
Details File 2 
kube-root-ca.crt
Details sha256 1 
ee2117e77c35d3884c33e18398520c8817879b3b15d9faca93652eb3794e8950
Details IPv4 1445 
127.0.0.1
Details IPv4 1 
10.244.2.4
Details IPv4 1 
172.18.0.22