K8S SSL/TLS漏洞（CVE-2016-2183）

Question

K8S SSL/TLS漏洞（CVE-2016-2183）

YogurtOlderMan opened this issue 5 months ago · 5 comments

YogurtOlderMan commented 5 months ago

What happened? 发生了什么问题？

目前网安的同事，在针对k8s进行扫描时，触发SSL/TLS漏洞（CVE-2016-2183），

网上搜到的链接：https://blog.csdn.net/zpf17671624050/article/details/129145754

猜测是不是因为内部证书使用了 IDEA、DES 和 3DES 等算法问题

What did you expect to happen? 期望的结果是什么？

解决该漏洞

How can we reproduce it (as minimally and precisely as possible)? 尽可能最小化、精确地描述如何复现问题

此问题，属于漏洞，无法复现

Anything else we need to know? 其他需要说明的情况

No response

Kubernetes version k8s 版本

V1.21.0

Kubeasz version

3.1.0

OS version 操作系统版本

# On Linux:
$ cat /etc/os-release
# paste output here
$ uname -a
# paste output here

CentOS 7.9

Related plugins (CNI, CSI, ...) and versions (if applicable) 其他网络插件等需要说明的情况

Answer 1 · 2024-08-29T09:14:34.000Z

Could please provide more details logs for our debug?

Answer 2 · 2024-09-10T06:57:41.000Z

Could please provide more details logs for our debug?

Answer 3 · 2024-09-10T07:26:44.000Z

@gjmzj Does the project still need maintenance and updates? it's been 4 years since my last PR and there hasn't been any activity since then.
It seems like the project is dead~~ ^-^

Answer 4 · 2024-10-10T21:16:51.000Z

This issue is stale because it has been open for 30 days with no activity.

Answer 5 · 2024-10-18T21:16:18.000Z

This issue was closed because it has been inactive for 14 days since being marked as stale.