# [HIGH] API authentication vulnerability found in Snyk Kubernetes integration (CVE-2023-1065)

**Source:** Snyk
**Published:** 2023-02-28
**Article:** https://snyk.io/blog/api-auth-vuln-snyk-kubernetes-cve-2023-1065/

## Threat Profile

Snyk Blog In this article
Written by Hannah Foxwell 
February 28, 2023
0 mins read We would like to inform Snyk customers of some important changes to Snyk Container’s Kubernetes Monitor integration to address vulnerabilities found in the API authentication. At this time, the Kubernetes integration is only available on Snyk's Enterprise plan . Only Enterprise customers who have deployed the Snyk Kubernetes Monitor are impacted.
CVE-2023-1065 CVE-2023-1065 is a medium severity vulnerability that …

## Indicators of Compromise (high-fidelity only)

- **CVE:** `CVE-2023-1065`

## MITRE ATT&CK Techniques

- **T1190** — Exploit Public-Facing Application

## Kill chain phases observed

_(none detected from narrative keywords)_

## Recommended hunts

### IOC-driven hunts (use shared templates)

These are standard IOC-substitution hunts — the canonical SPL and KQL live once in [`_TEMPLATES.md`](../_TEMPLATES.md), so we don't repeat the same boilerplate on every CVE / hash / network-IOC briefing.

- **Asset exposure — vulnerability matches article CVE(s)** ([template](../_TEMPLATES.md#asset-exposure)) — phase: **recon**, confidence: **High**
  - CVE(s): `CVE-2023-1065`


## Why this matters

Severity classified as **HIGH** based on: CVE present, 1 use case(s) fired, 1 technique(s) inferred. Read the full article for actor attribution, tooling details, and any defanged IOCs in the body that aren't visible in the RSS summary.