Security Alert: CVE-2018-1210001

This Security Alert addresses CVE-2018-1210001, a vulnerability in specific versions of Kubernetes, the deployment and orchestration platform used in Omni Data Platform and XCRO.

Excerpt: With a specially crafted network request, any user can establish a connection through the Kubernetes application programming interface (API) server to a backend server. Once established, an attacker can send arbitrary requests over the network connection directly to that backend. These requests are authenticated with the Kubernetes API server’s Transport Layer Security (TLS) credentials.

This vulnerability puts the entire cluster at risk by allowing the attacker to issue unauthenticated requests via the Kubernetes API layer.

Affected component:

Kubernetes API server

Affected Kubernetes versions and patches:

  • Kubernetes v1.10.0-1.10.10 (fixed in v1.10.11)
  • Kubernetes v1.11.0-1.11.4 (fixed in v1.11.5)
  • Kubernetes v1.12.0-1.12.2 (fixed in v1.12.3)

Affected CAPIOT products:

  • Omni Data Platform v1.x
  • XCRO v4.x
  • XCRO v5.x

Mitigation:

If the Kubernetes API has not been exposed outside of the cluster, or the Kubernetes environment is on-premises or air-gapped, the probability of having been attacked is significantly lower. However, it is highly recommended that you immediately upgrade your Kubernetes platform to the latest released patch.
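To check a cluster against the version ranges listed above, the following added example (not CAPIOT or Kubernetes project code) classifies an API server version string. The function names and the sample `/version` body are constructed for illustration; versions outside the three listed minor releases are reported as not listed by this alert, not as safe.

```shell
#!/bin/sh
# Added example: compare a Kubernetes API server version with the
# affected ranges in this alert (1.10.0-1.10.10, 1.11.0-1.11.4, 1.12.0-1.12.2).

# extract_git_version: read the JSON body of the API server's /version
# endpoint on stdin and print its gitVersion field.
extract_git_version() {
  tr -d '\n' |
    sed -n 's/.*"gitVersion"[[:space:]]*:[[:space:]]*"\([^"]*\)".*/\1/p'
}

# classify_k8s_version VERSION
# Prints: "affected (fixed in vX.Y.Z)", "patched", "not-listed" or "unparseable".
# Vendor/build suffixes (-gke.2, +build) are ignored, so vendor builds
# should also be checked against the vendor's own advisory.
classify_k8s_version() {
  v=${1#v}            # drop the leading "v"
  v=${v%%[-+]*}       # drop everything from the first "-" or "+"
  case $v in
    ''|*[!0-9.]*|*.*.*.*|.*|*.|*..*) echo unparseable; return 0 ;;
    *.*.*) ;;
    *) echo unparseable; return 0 ;;
  esac
  major=${v%%.*}; rest=${v#*.}
  minor=${rest%%.*}; patch=${rest#*.}
  [ "$major" -eq 1 ] || { echo not-listed; return 0; }
  case $minor in      # first fixed patch release per minor, from this alert
    10) fixed=11 ;;
    11) fixed=5 ;;
    12) fixed=3 ;;
    *) echo not-listed; return 0 ;;   # this alert says nothing about it
  esac
  if [ "$patch" -lt "$fixed" ]; then
    echo "affected (fixed in v1.$minor.$fixed)"
  else
    echo patched
  fi
}

# Constructed sample /version body (not captured from a real cluster).
SAMPLE_VERSION_JSON='{"major":"1","minor":"11","gitVersion":"v1.11.3","platform":"linux/amd64"}'
sample=$(printf '%s' "$SAMPLE_VERSION_JSON" | extract_git_version)
echo "$sample: $(classify_k8s_version "$sample")"

# Against a live cluster:
#   classify_k8s_version "$(kubectl get --raw /version | extract_git_version)"
```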

Support:

Please contact support@capiot.com for any further assistance or details on this security alert.
