Immuta SaaS Response - Ingress Nightmare Vulnerability

Incident Report for Immuta

Resolved

This issue has been resolved. All updates have been performed to remove this vulnerability, and additional policies have been put in place to mitigate any exposure due to this type of exploit.
Posted Mar 28, 2025 - 13:54 UTC

Monitoring

This notice is to inform you about a recently disclosed security vulnerability, known as "Ingress Nightmare," that affects certain Kubernetes Ingress configurations. While our SaaS solution utilizes Kubernetes, we have implemented controls to mitigate the potential impact of this vulnerability.

What is the Ingress Nightmare Vulnerability? (https://sysdig.com/blog/detecting-and-mitigating-ingressnightmare-cve-2025-1974/)
This vulnerability could, in certain scenarios, allow unauthorized access to services within a Kubernetes cluster.

Impact on Our SaaS Solution:
- We have existing security measures in place that limit the scope and potential impact of this vulnerability.
- We are actively deploying updates to fully address and prevent this vulnerability. The deployment is scheduled for March 27th.

Our Commitment to Security:
- We conduct regular vulnerability scans to proactively identify and address security concerns.
- Following the update deployment on March 27th, we will perform an immediate security scan to confirm the vulnerability has been completely resolved.

Your security is our top priority. We are committed to maintaining a secure and reliable SaaS solution. If you have any questions or concerns, please don't hesitate to contact our support team.
Posted Mar 26, 2025 - 15:43 UTC
This incident affected: APAC Regions (APAC Marketplace, APAC Data Governance), EU Regions (EU Marketplace, EU Data Governance), and Americas Regions (Americas Marketplace, Americas Data Governance).