
CVE-2022-3172: Aggregated API server can cause clients to be redirected (SSRF) #172

Open
pacoxu opened this issue Sep 15, 2022 · 1 comment
Labels
1.18 1.19 1.20 1.21 priority/medium Medium(4.0≤Score<7.0) CVSS Score CVE

Comments

@pacoxu (Member) commented Sep 15, 2022

What happened?

A security issue was discovered in kube-apiserver that could allow an attacker controlled aggregated API server to redirect client traffic to any URL. This could lead to the client performing unexpected actions as well as leaking the client's credentials to third parties.

There is no mitigation from this issue. Cluster admins should take care to secure aggregated API servers and should not grant access to mutate APIServices to untrusted parties.

What did you expect to happen?

NA

How can we reproduce it (as minimally and precisely as possible)?

NA

Anything else we need to know?

Affected Versions:

  • kube-apiserver v1.25.0
  • kube-apiserver v1.24.0 - v1.24.4
  • kube-apiserver v1.23.0 - v1.23.10
  • kube-apiserver v1.22.0 - v1.22.14
  • kube-apiserver <= v1.21.?

Fixed Versions:

  • kube-apiserver v1.25.1
  • kube-apiserver v1.24.5
  • kube-apiserver v1.23.11
  • kube-apiserver v1.22.14

This vulnerability was reported by Nicolas Joly & Weinong Wang from Microsoft.

CVSS Rating: Medium (5.1) CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:L
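The advisory's only mitigation is administrative: do not let untrusted parties mutate APIService objects. The following is an added example, not code from this issue or from the Kubernetes project, of how a cluster admin can audit RBAC for exactly that permission. It assumes ClusterRole and ClusterRoleBinding objects have already been fetched as dicts (for instance from `kubectl get clusterroles,clusterrolebindings -o json`); the objects embedded below are constructed for the demonstration and the subject names in them are invented.

```python
"""Audit RBAC for subjects allowed to mutate APIServices (apiregistration.k8s.io).

Added example for CVE-2022-3172, not code from the Kubernetes project.
APIServices are cluster-scoped, so only ClusterRoles bound through
ClusterRoleBindings can grant mutating access to them; namespaced
RoleBindings are deliberately ignored here.
"""

APIREGISTRATION_GROUP = "apiregistration.k8s.io"
APISERVICE_RESOURCE = "apiservices"
# Verbs that change an APIService and therefore its .spec.service target.
MUTATING_VERBS = {"create", "update", "patch", "delete", "deletecollection"}


def rule_mutates_apiservices(rule):
    """True if a single RBAC rule grants any mutating verb on APIServices."""
    groups = rule.get("apiGroups", [])
    resources = rule.get("resources", [])
    verbs = set(rule.get("verbs", []))
    group_ok = "*" in groups or APIREGISTRATION_GROUP in groups
    resource_ok = "*" in resources or APISERVICE_RESOURCE in resources
    verb_ok = "*" in verbs or bool(verbs & MUTATING_VERBS)
    return group_ok and resource_ok and verb_ok


def mutating_roles(cluster_roles):
    """Names of ClusterRoles whose rules can mutate APIServices."""
    return {
        cr["metadata"]["name"]
        for cr in cluster_roles
        if any(rule_mutates_apiservices(r) for r in cr.get("rules", []))
    }


def find_mutating_subjects(cluster_roles, cluster_role_bindings):
    """Resolve risky ClusterRoles through ClusterRoleBindings to concrete subjects."""
    risky = mutating_roles(cluster_roles)
    findings = []
    for crb in cluster_role_bindings:
        ref = crb.get("roleRef", {})
        if ref.get("kind") != "ClusterRole" or ref.get("name") not in risky:
            continue
        for subj in crb.get("subjects", []):
            findings.append({
                "binding": crb["metadata"]["name"],
                "role": ref["name"],
                "kind": subj.get("kind"),
                "subject": subj.get("name"),
                "namespace": subj.get("namespace"),  # only set for ServiceAccounts
            })
    return findings


# Constructed sample objects (shape matches `kubectl get ... -o json` items).
SAMPLE_CLUSTER_ROLES = [
    {"metadata": {"name": "cluster-admin"},
     "rules": [{"apiGroups": ["*"], "resources": ["*"], "verbs": ["*"]}]},
    {"metadata": {"name": "apiservice-reader"},
     "rules": [{"apiGroups": [APIREGISTRATION_GROUP], "resources": ["apiservices"],
                "verbs": ["get", "list", "watch"]}]},
    {"metadata": {"name": "apiservice-editor"},
     "rules": [{"apiGroups": [APIREGISTRATION_GROUP], "resources": ["apiservices"],
                "verbs": ["create", "update", "patch"]}]},
]

SAMPLE_BINDINGS = [
    {"metadata": {"name": "cluster-admin"},
     "roleRef": {"kind": "ClusterRole", "name": "cluster-admin"},
     "subjects": [{"kind": "Group", "name": "system:masters"}]},
    {"metadata": {"name": "monitoring-reads-apiservices"},
     "roleRef": {"kind": "ClusterRole", "name": "apiservice-reader"},
     "subjects": [{"kind": "ServiceAccount", "name": "prometheus", "namespace": "monitoring"}]},
    {"metadata": {"name": "platform-team-apiservices"},
     "roleRef": {"kind": "ClusterRole", "name": "apiservice-editor"},
     "subjects": [{"kind": "User", "name": "alice@example.com"}]},  # constructed
]


if __name__ == "__main__":
    for f in find_mutating_subjects(SAMPLE_CLUSTER_ROLES, SAMPLE_BINDINGS):
        where = f" ({f['namespace']})" if f["namespace"] else ""
        print(f"{f['kind']} {f['subject']}{where} can mutate APIServices "
              f"via ClusterRole {f['role']} (binding {f['binding']})")
```

Every subject the script lists can point an APIService at a service they control, which is the precondition this advisory describes; the read-only binding is correctly left out. Because aggregated servers also have to be reachable and trusted, review the output against the list of parties that are actually meant to operate aggregated API servers.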

@github-actions commented

Hi @pacoxu,
Thanks for opening an issue!
We will look into it as soon as possible.

Instructions for interacting with me using comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the [gh-ci-bot](https://github.com/wzshiming/gh-ci-bot) repository.
