Kubernetes kube-controller-manager vulnerability discovered
CVE-2024-0793
7.7 HIGH
What is CVE-2024-0793?
A vulnerability exists in the Kubernetes Controller Manager (kube-controller-manager, KCM). It is triggered by the initial application of a Horizontal Pod Autoscaler (HPA) configuration YAML that omits the .spec.behavior.scaleUp block. Applying such a configuration sends the KCM pods into a continuous restart loop, which disrupts service and affects the overall stability of the Kubernetes environment. The issue highlights the importance of adhering to proper configuration practices to mitigate potential disruptions.
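A pre-apply check for the condition described above, as an added example that is not part of the advisory or of Kubernetes itself: it reads HPA manifests in JSON form and reports each one that lacks .spec.behavior.scaleUp. The function names and the sample manifests are constructed for illustration. The advisory does not say whether a manifest with no .spec.behavior block at all is affected, so that case is reported with a separate reason.

```python
import json


def _hpa(name, behavior=None):
    """Build a constructed sample HPA manifest (illustrative values only)."""
    spec = {"minReplicas": 1, "maxReplicas": 5}
    if behavior is not None:
        spec["behavior"] = behavior
    return {"apiVersion": "autoscaling/v2", "kind": "HorizontalPodAutoscaler",
            "metadata": {"name": name, "namespace": "demo"}, "spec": spec}


# Constructed input: a JSON List of manifests, as a CI job might collect them.
SAMPLE = json.dumps({"kind": "List", "items": [
    _hpa("api-hpa", {"scaleDown": {"stabilizationWindowSeconds": 300}}),
    _hpa("web-hpa", {"scaleUp": {"stabilizationWindowSeconds": 0},
                     "scaleDown": {"stabilizationWindowSeconds": 300}}),
    _hpa("batch-hpa"),
]})


def iter_hpas(doc):
    """Yield HPA objects from either a List document or a single manifest."""
    items = doc.get("items") or [] if "items" in doc else [doc]
    for obj in items:
        if isinstance(obj, dict) and obj.get("kind") == "HorizontalPodAutoscaler":
            yield obj


def audit_hpas(raw):
    """Return (namespace, name, reason) for every HPA without .spec.behavior.scaleUp."""
    findings = []
    for hpa in iter_hpas(json.loads(raw)):
        meta = hpa.get("metadata") or {}
        behavior = (hpa.get("spec") or {}).get("behavior")
        if behavior is None:
            reason = "no .spec.behavior block"
        elif not isinstance(behavior, dict) or behavior.get("scaleUp") is None:
            reason = ".spec.behavior set without scaleUp"
        else:
            continue  # scaleUp is present; nothing to report
        findings.append((meta.get("namespace", "default"), meta.get("name", "?"), reason))
    return findings


if __name__ == "__main__":
    for ns, name, reason in audit_hpas(SAMPLE):
        print(f"{ns}/{name}: {reason}")
```

Running the check on manifests before they are applied matches the advisory's wording, which ties the restart loop to the initial application of the configuration.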