vulnerability

Kubernetes: CVE-2019-3818: Traffic sent over a TLS connection with a weak configuration could potentially break the encryption

Try Surface Command

Back to search

Severity

CVSS

(AV:N/AC:L/Au:N/C:P/I:N/A:N)

Published

Feb 5, 2019

Added

May 14, 2019

Modified

Apr 17, 2026

Description

The kube-rbac-proxy container before version 0.4.1 as used in Red Hat OpenShift Container Platform does not honor TLS configurations, allowing for use of insecure ciphers and TLS 1.0. An attacker could target traffic sent over a TLS connection with a weak configuration and potentially break the encryption.

Solution

kubernetes-upgrade-0_4_0

References

CVE-2019-3818
https://attackerkb.com/topics/CVE-2019-3818
CWE-327
EUVD-EUVD-2019-13441
https://euvd.enisa.europa.eu/vulnerability/EUVD-2019-13441
https://nvd.nist.gov/vuln/detail/CVE-2019-3818

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report