EPSS
Percentile
36.4%
Versions < 1.5 of the Kubernetes ingress default backend, which handles invalid ingress traffic, exposed prometheus metrics publicly.
github.com/kubernetes/ingress-nginx
github.com/kubernetes/ingress-nginx/commit/d487a50e399100ad8db12ed1d2f92271f311f676
github.com/kubernetes/ingress-nginx/issues/1733
github.com/kubernetes/ingress-nginx/pull/3125
nvd.nist.gov/vuln/detail/CVE-2018-1002104