-
Kubernetes hostPort allow services traffic interception when using kubeproxy IPVS (CVE-2019-9946)
-
Host MITM attack via IPv6 rogue router advertisements (K8S / Docker / LXD / WSL2 / …)
-
Kubernetes MITM using LoadBalancer or ExternalIPs (CVE-2020-8554)
-
Metadata service MITM allows root privilege escalation (EKS / GKE)
-
Layer 2 network security bypass using VLAN 0, LLC/SNAP headers and invalid length