Default Credentials Enabled in Kubernetes Image Builder, Affecting Proxmox Virtual Machine Images

CVE-2024-9486
Currently unrated 🤨

Key Information

Vendor: Kubernetes
CVE Published: 15 October 2024

Badges

😄 Trended, 👾 Exploit Exists, 📰 News Worthy

Summary

The Kubernetes Image Builder has a critical vulnerability, identified as CVE-2024-9486, in which default credentials are enabled during the image build process. It affects virtual machine images built with the Proxmox provider and could allow unauthorized access, including root access, to affected nodes. A related issue, tracked as CVE-2024-9594, affects images built with the Nutanix, OVA, QEMU, or raw providers: default credentials are also enabled during the build process, which poses a risk if an attacker can reach the VM while the image is being built. The fix for CVE-2024-9486 is to upgrade to Kubernetes Image Builder v0.1.38 or later; a temporary mitigation is to disable the "builder" account on affected VMs. Organizations using Kubernetes should address these vulnerabilities promptly to prevent unauthorized access and keep their clusters secure.
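One way to check a node for the condition described above, as an added example that is not taken from the advisory or the Image Builder project: it reads a shadow(5)-format file to report whether the "builder" account can still log in with a password, and compares the build version against v0.1.38. The function names, the shadow(5) layout and the `usermod -L builder` suggestion are assumptions of this example.

```shell
#!/bin/sh
# Added example: audit helpers for the "builder" account named in the summary.
# Assumptions: shadow(5) file layout; all function names are illustrative.

# builder_state SHADOW_FILE [ACCOUNT] -> prints absent | locked | no-password | active
builder_state() {
    awk -F: -v u="${2:-builder}" '
        $1 == u {
            found = 1
            if ($2 ~ /^[!*]/)  print "locked"        # password login disabled
            else if ($2 == "") print "no-password"   # empty field: no password required
            else               print "active"        # usable password hash present
            exit
        }
        END { if (!found) print "absent" }
    ' "$1"
}

# image_builder_fixed VERSION -> exit 0 if VERSION >= v0.1.38 (the fixed release)
image_builder_fixed() {
    v=${1#v}
    old_ifs=$IFS; IFS=.
    set -- $v                      # split MAJOR.MINOR.PATCH into $1 $2 $3
    IFS=$old_ifs
    [ "${1:-0}" -gt 0 ] && return 0
    [ "${2:-0}" -gt 1 ] && return 0
    [ "${2:-0}" -eq 1 ] && [ "${3:-0}" -ge 38 ]
}

# audit_node SHADOW_FILE BUILD_VERSION -> one-line verdict; exit 1 if follow-up is needed
audit_node() {
    state=$(builder_state "$1")
    case $state in
        absent|locked) echo "ok: builder account $state"; return 0 ;;
    esac
    if image_builder_fixed "$2"; then
        echo "review: builder account $state on image from fixed builder $2"
    else
        # Locking the password is one way to disable the account until the image is rebuilt.
        echo "action: builder account $state, image built with $2; run usermod -L builder and rebuild"
    fi
    return 1
}
```

On a node this would be called as `audit_node /etc/shadow v0.1.37` with root privileges; a locked password field does not by itself rule out other login methods configured for the account.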

Timeline

  • Vulnerability started trending.

  • 👾 Exploit exists.

  • First article discovered by CyberSecurityNews

  • Vulnerability published.

Collectors

NVD Database, 2 News Article(s)