Patch now: 1,300 Harbor cloud registries open to attack

    Date19 Sep 2019
    1367
    Posted ByBrittany Day

    Have you heard that a severe critical privilege escalation vulnerability has been found in Harbor open-source registry software? Learn more:

    A critical vulnerability has been found in a popular open source cloud system that can permit attackers to take over registries by giving themselves administrative rights. 

    On Wednesday, researchers from Palo Alto Networks' Unit 42 said the bug was uncovered during the analysis of projects connected to the Cloud Native Computing Foundation (CNCF). 

    The vulnerable software is Harbor, open source cloud registry software for storing, signing, and scanning container images for security issues. The software is compatible with Docker Hub, Docker Registry, and Google Container Registry, among others. 

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"25","type":"x","order":"1","pct":54.35,"resources":[]},{"id":"88","title":"Should be more technical","votes":"5","type":"x","order":"2","pct":10.87,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"16","type":"x","order":"3","pct":34.78,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.