admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-12 02:05:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

CVE-2022-3294: Node address isn't always verified when proxying

Browse Source
This commit is contained in:
Tim Allclair 2023-02-01 18:01:19 -08:00 committed by Mo Khan
parent a9352539ca
commit b793550db5
1 changed files with 107 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

115
2022/3xxx/CVE-2022-3294.json
View File

@ -1,18 +1,117 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "security@kubernetes.io",
"DATE_PUBLIC": "2022-11-10T17:25:00.000Z",
"ID": "CVE-2022-3294",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Node address isn't always verified when proxying"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Kubernetes",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_value": "v1.25.3"
},
{
"version_affected": "<=",
"version_value": "v1.24.7"
},
{
"version_affected": "<=",
"version_value": "v1.23.13"
},
{
"version_affected": "<=",
"version_value": "v1.22.15"
}
]
}
}
]
},
"vendor_name": "Kubernetes"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Yuval Avrahami of Palo Alto Networks"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Users may have access to secure endpoints in the control plane network. Kubernetes clusters are only affected if an untrusted user can modify Node objects and send proxy requests to them.\n\nKubernetes supports node proxying, which allows clients of kube-apiserver to access endpoints of a Kubelet to establish connections to Pods, retrieve container logs, and more. While Kubernetes already validates the proxying address for Nodes, a bug in kube-apiserver made it possible to bypass this validation. Bypassing this validation could allow authenticated requests destined for Nodes to to the API server's private network."
}
]
}
}
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20 Improper Input Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MLIST",
"url": "https://groups.google.com/g/kubernetes-security-announce/c/VyPOxF7CIbA"
},
{
"refsource": "CONFIRM",
"url": "https://github.com/kubernetes/kubernetes/issues/113757"
}
]
},
"source": {
"defect": [
"https://github.com/kubernetes/kubernetes/issues/113757"
],
"discovery": "EXTERNAL"
},
"work_around": [
{
"lang": "eng",
"value": "Configuring an egress proxy for egress to the cluster network can mitigate this vulnerability"
}
]
}