kube-rbac-proxy is vulnerable to man-in-the-middle attack. Insecure ciphers and TLS 1.0 are used to establish an SSL connection between the client and server, which would allow a remote attacker to exploit TLS vulnerabilities and perform man-in-the-middle attacks to sniff traffic containing confidential information.
CPE | Name | Operator | Version |
---|---|---|---|
github.com/brancz/kube-rbac-proxy | eq | HEAD | |
github.com/brancz/kube-rbac-proxy | le | 0.4.0 |