概要
Are my containers affected by the new OpenSSL 3.x X.509 Email Address Buffer Overflows vulnerability?
Trend Micro Cloud One™ - Container Security customers can easily assess if any container running on Kubernetes clusters is impacted by the newly released OpenSSL 3.x vulnerabilities: CVE-2022-3786 and CVE-2022-3602. The following article outlines the steps necessary.
Please note, Trend Micro customers can visit this article for more background information or protection for other Trend Micro products.
Trend Micro Cloud One™ - Container Security customers can easily assess if any container running on Kubernetes clusters is impacted by the newly released OpenSSL 3.x vulnerabilities: CVE-2022-3786 and CVE-2022-3602. The following article outlines the steps necessary.
Please note, Trend Micro customers can visit this article for more background information or protection for other Trend Micro products.
詳情
The first step is to make sure the cluster is protected by Container Security and configured to do runtime vulnerability scanning [1]. This capability scans all running containers of a cluster looking for open-source and operating system vulnerabilities.
Then head to the Vulnerability View [2] page. There you will find a collection of all vulnerabilities found.
Select “Filter By: None” and pick “CVE”. Type “CVE-2022-3602” in the field that shows up and press “Enter”. This will filter all the detections to show only those that are related to this specific CVE.
Click each finding to reveal vulnerable container images and the registry they were pulled from, helping you inform those responsible for remediation. Repeat the process for “CVE-2022-3686”.
[1] https://cloudone.trendmicro.com/docs/container-security/runtime-scanning/#enable-runtime-vulnerability-scanning
[2] https://cloudone.trendmicro.com/docs/container-security/runtime-scanning/#view-vulnerabilities
Then head to the Vulnerability View [2] page. There you will find a collection of all vulnerabilities found.
Select “Filter By: None” and pick “CVE”. Type “CVE-2022-3602” in the field that shows up and press “Enter”. This will filter all the detections to show only those that are related to this specific CVE.
Click each finding to reveal vulnerable container images and the registry they were pulled from, helping you inform those responsible for remediation. Repeat the process for “CVE-2022-3686”.
[1] https://cloudone.trendmicro.com/docs/container-security/runtime-scanning/#enable-runtime-vulnerability-scanning
[2] https://cloudone.trendmicro.com/docs/container-security/runtime-scanning/#view-vulnerabilities
