All the vulnerabilites related to Kubernetes - Kubernetes ingress-nginx
cve-2021-25746
Vulnerability from cvelistv5
Published
2022-05-06 00:50
Modified
2024-09-17 03:48
Severity ?
EPSS score ?
Summary
Ingress-nginx directive injection via annotations
References
▼ | URL | Tags |
---|---|---|
https://groups.google.com/g/kubernetes-security-announce/c/hv2-SfdqcfQ | x_refsource_MISC | |
https://github.com/kubernetes/ingress-nginx/issues/8503 | x_refsource_MISC | |
https://security.netapp.com/advisory/ntap-20220609-0006/ | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Kubernetes | Kubernetes ingress-nginx |
Version: unspecified < 1.2.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T20:11:28.322Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://groups.google.com/g/kubernetes-security-announce/c/hv2-SfdqcfQ" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/kubernetes/ingress-nginx/issues/8503" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20220609-0006/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Kubernetes ingress-nginx", "vendor": "Kubernetes", "versions": [ { "lessThan": "1.2.0", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "Anthony Weems" }, { "lang": "en", "value": "jeffrey\u0026oliver" } ], "datePublic": "2022-04-22T00:00:00", "descriptions": [ { "lang": "en", "value": "A security issue was discovered in ingress-nginx where a user that can create or update ingress objects can use .metadata.annotations in an Ingress object (in the networking.k8s.io or extensions API group) to obtain the credentials of the ingress-nginx controller. In the default configuration, that credential has access to all secrets in the cluster." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.6, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-20", "description": "CWE-20: Improper Input Validation", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-06-09T18:06:17", "orgId": "a6081bf6-c852-4425-ad4f-a67919267565", "shortName": "kubernetes" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://groups.google.com/g/kubernetes-security-announce/c/hv2-SfdqcfQ" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/kubernetes/ingress-nginx/issues/8503" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20220609-0006/" } ], "source": { "defect": [ "https://github.com/kubernetes/ingress-nginx/issues/8503" ], "discovery": "EXTERNAL" }, "title": "Ingress-nginx directive injection via annotations", "x_generator": { "engine": "Vulnogram 0.0.9" }, "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@kubernetes.io", "DATE_PUBLIC": "2022-04-22T16:30:00.000Z", "ID": "CVE-2021-25746", "STATE": "PUBLIC", "TITLE": "Ingress-nginx directive injection via annotations" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Kubernetes ingress-nginx", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "1.2.0" } ] } } ] }, "vendor_name": "Kubernetes" } ] } }, "credit": [ { "lang": "eng", "value": "Anthony Weems" }, { "lang": "eng", "value": "jeffrey\u0026oliver" } ], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A security issue was discovered in ingress-nginx where a user that can create or update ingress objects can use .metadata.annotations in an Ingress object (in the networking.k8s.io or extensions API group) to obtain the credentials of the ingress-nginx controller. In the default configuration, that credential has access to all secrets in the cluster." } ] }, "generator": { "engine": "Vulnogram 0.0.9" }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.6, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-20: Improper Input Validation" } ] } ] }, "references": { "reference_data": [ { "name": "https://groups.google.com/g/kubernetes-security-announce/c/hv2-SfdqcfQ", "refsource": "MISC", "url": "https://groups.google.com/g/kubernetes-security-announce/c/hv2-SfdqcfQ" }, { "name": "https://github.com/kubernetes/ingress-nginx/issues/8503", "refsource": "MISC", "url": "https://github.com/kubernetes/ingress-nginx/issues/8503" }, { "name": "https://security.netapp.com/advisory/ntap-20220609-0006/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20220609-0006/" } ] }, "source": { "defect": [ "https://github.com/kubernetes/ingress-nginx/issues/8503" ], "discovery": "EXTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "a6081bf6-c852-4425-ad4f-a67919267565", "assignerShortName": "kubernetes", "cveId": "CVE-2021-25746", "datePublished": "2022-05-06T00:50:15.541972Z", "dateReserved": "2021-01-21T00:00:00", "dateUpdated": "2024-09-17T03:48:11.881Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-25742
Vulnerability from cvelistv5
Published
2021-10-29 04:05
Modified
2024-09-16 23:06
Severity ?
EPSS score ?
Summary
Ingress-nginx custom snippets allows retrieval of ingress-nginx serviceaccount token and secrets across all namespaces
References
▼ | URL | Tags |
---|---|---|
https://groups.google.com/g/kubernetes-security-announce/c/mT4JJxi9tQY | x_refsource_MISC | |
https://github.com/kubernetes/ingress-nginx/issues/7837 | x_refsource_MISC | |
https://security.netapp.com/advisory/ntap-20211203-0001/ | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Kubernetes | Kubernetes ingress-nginx |
Version: unspecified < Version: unspecified < |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T20:11:27.558Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://groups.google.com/g/kubernetes-security-announce/c/mT4JJxi9tQY" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/kubernetes/ingress-nginx/issues/7837" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20211203-0001/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Kubernetes ingress-nginx", "vendor": "Kubernetes", "versions": [ { "lessThanOrEqual": "0.49.0", "status": "affected", "version": "unspecified", "versionType": "custom" }, { "lessThan": "unspecified", "status": "unknown", "version": "next of 0.49.0", "versionType": "custom" }, { "lessThanOrEqual": "1.0.0", "status": "affected", "version": "unspecified", "versionType": "custom" }, { "lessThan": "unspecified", "status": "unknown", "version": "next of 1.0.0", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "Mitch Hulscher" } ], "datePublic": "2021-10-21T00:00:00", "descriptions": [ { "lang": "en", "value": "A security issue was discovered in ingress-nginx where a user that can create or update ingress objects can use the custom snippets feature to obtain all secrets in the cluster." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.6, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-20", "description": "CWE-20: Improper Input Validation", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-05-06T00:50:12", "orgId": "a6081bf6-c852-4425-ad4f-a67919267565", "shortName": "kubernetes" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://groups.google.com/g/kubernetes-security-announce/c/mT4JJxi9tQY" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/kubernetes/ingress-nginx/issues/7837" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20211203-0001/" } ], "source": { "defect": [ "https://github.com/kubernetes/ingress-nginx/issues/7837" ], "discovery": "EXTERNAL" }, "title": "Ingress-nginx custom snippets allows retrieval of ingress-nginx serviceaccount token and secrets across all namespaces", "workarounds": [ { "lang": "en", "value": "This can be mitigated by disallowing snippet annotations on a supported version. Refer to https://github.com/kubernetes/ingress-nginx/issues/7837 for instructions." } ], "x_generator": { "engine": "Vulnogram 0.0.9" }, "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@kubernetes.io", "DATE_PUBLIC": "2021-10-21T16:15:00.000Z", "ID": "CVE-2021-25742", "STATE": "PUBLIC", "TITLE": "Ingress-nginx custom snippets allows retrieval of ingress-nginx serviceaccount token and secrets across all namespaces" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Kubernetes ingress-nginx", "version": { "version_data": [ { "version_affected": "\u003c=", "version_value": "0.49.0" }, { "version_affected": "\u003e?", "version_value": "0.49.0" }, { "version_affected": "\u003c=", "version_value": "1.0.0" }, { "version_affected": "\u003e?", "version_value": "1.0.0" } ] } } ] }, "vendor_name": "Kubernetes" } ] } }, "credit": [ { "lang": "eng", "value": "Mitch Hulscher" } ], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A security issue was discovered in ingress-nginx where a user that can create or update ingress objects can use the custom snippets feature to obtain all secrets in the cluster." } ] }, "generator": { "engine": "Vulnogram 0.0.9" }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.6, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-20: Improper Input Validation" } ] } ] }, "references": { "reference_data": [ { "name": "https://groups.google.com/g/kubernetes-security-announce/c/mT4JJxi9tQY", "refsource": "MISC", "url": "https://groups.google.com/g/kubernetes-security-announce/c/mT4JJxi9tQY" }, { "name": "https://github.com/kubernetes/ingress-nginx/issues/7837", "refsource": "MISC", "url": "https://github.com/kubernetes/ingress-nginx/issues/7837" }, { "name": "https://security.netapp.com/advisory/ntap-20211203-0001/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20211203-0001/" } ] }, "source": { "defect": [ "https://github.com/kubernetes/ingress-nginx/issues/7837" ], "discovery": "EXTERNAL" }, "work_around": [ { "lang": "en", "value": "This can be mitigated by disallowing snippet annotations on a supported version. Refer to https://github.com/kubernetes/ingress-nginx/issues/7837 for instructions." } ] } } }, "cveMetadata": { "assignerOrgId": "a6081bf6-c852-4425-ad4f-a67919267565", "assignerShortName": "kubernetes", "cveId": "CVE-2021-25742", "datePublished": "2021-10-29T04:05:10.713250Z", "dateReserved": "2021-01-21T00:00:00", "dateUpdated": "2024-09-16T23:06:12.392Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-25748
Vulnerability from cvelistv5
Published
2023-05-24 00:00
Modified
2024-08-03 20:11
Severity ?
EPSS score ?
Summary
Ingress-nginx `path` sanitization can be bypassed with newline character
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Kubernetes | Kubernetes ingress-nginx |
Version: unspecified < 1.2.1 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T20:11:28.404Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://groups.google.com/g/kubernetes-security-announce/c/avaRYa9c7I8" }, { "tags": [ "x_transferred" ], "url": "https://github.com/kubernetes/ingress-nginx/issues/8686" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Kubernetes ingress-nginx", "vendor": "Kubernetes", "versions": [ { "lessThan": "1.2.1", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "Gafnit Amiga" } ], "datePublic": "2022-06-10T00:00:00", "descriptions": [ { "lang": "en", "value": "A security issue was discovered in ingress-nginx where a user that can create or update ingress objects can use a newline character to bypass the sanitization of the `spec.rules[].http.paths[].path` field of an Ingress object (in the `networking.k8s.io` or `extensions` API group) to obtain the credentials of the ingress-nginx controller. In the default configuration, that credential has access to all secrets in the cluster." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.6, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-20", "description": "CWE-20: Improper Input Validation", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-24T00:00:00", "orgId": "a6081bf6-c852-4425-ad4f-a67919267565", "shortName": "kubernetes" }, "references": [ { "url": "https://groups.google.com/g/kubernetes-security-announce/c/avaRYa9c7I8" }, { "url": "https://github.com/kubernetes/ingress-nginx/issues/8686" } ], "source": { "defect": [ "https://github.com/kubernetes/ingress-nginx/issues/8686" ], "discovery": "EXTERNAL" }, "title": "Ingress-nginx `path` sanitization can be bypassed with newline character", "x_generator": { "engine": "Vulnogram 0.0.9" } } }, "cveMetadata": { "assignerOrgId": "a6081bf6-c852-4425-ad4f-a67919267565", "assignerShortName": "kubernetes", "cveId": "CVE-2021-25748", "datePublished": "2023-05-24T00:00:00", "dateReserved": "2021-01-21T00:00:00", "dateUpdated": "2024-08-03T20:11:28.404Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-25745
Vulnerability from cvelistv5
Published
2022-05-06 00:50
Modified
2024-09-16 18:24
Severity ?
EPSS score ?
Summary
Ingress-nginx path can be pointed to service account token file
References
▼ | URL | Tags |
---|---|---|
https://groups.google.com/g/kubernetes-security-announce/c/7vQrpDZeBlc | x_refsource_MISC | |
https://github.com/kubernetes/ingress-nginx/issues/8502 | x_refsource_MISC | |
https://security.netapp.com/advisory/ntap-20220609-0006/ | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Kubernetes | Kubernetes ingress-nginx |
Version: unspecified < 1.2.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T20:11:27.660Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://groups.google.com/g/kubernetes-security-announce/c/7vQrpDZeBlc" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/kubernetes/ingress-nginx/issues/8502" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20220609-0006/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Kubernetes ingress-nginx", "vendor": "Kubernetes", "versions": [ { "lessThan": "1.2.0", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "Gafnit Amiga" } ], "datePublic": "2022-04-22T00:00:00", "descriptions": [ { "lang": "en", "value": "A security issue was discovered in ingress-nginx where a user that can create or update ingress objects can use the spec.rules[].http.paths[].path field of an Ingress object (in the networking.k8s.io or extensions API group) to obtain the credentials of the ingress-nginx controller. In the default configuration, that credential has access to all secrets in the cluster." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.6, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-20", "description": "CWE-20: Improper Input Validation", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-06-09T18:06:16", "orgId": "a6081bf6-c852-4425-ad4f-a67919267565", "shortName": "kubernetes" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://groups.google.com/g/kubernetes-security-announce/c/7vQrpDZeBlc" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/kubernetes/ingress-nginx/issues/8502" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20220609-0006/" } ], "source": { "defect": [ "https://github.com/kubernetes/ingress-nginx/issues/8502" ], "discovery": "EXTERNAL" }, "title": "Ingress-nginx path can be pointed to service account token file", "x_generator": { "engine": "Vulnogram 0.0.9" }, "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@kubernetes.io", "DATE_PUBLIC": "2022-04-22T16:30:00.000Z", "ID": "CVE-2021-25745", "STATE": "PUBLIC", "TITLE": "Ingress-nginx path can be pointed to service account token file" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Kubernetes ingress-nginx", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "1.2.0" } ] } } ] }, "vendor_name": "Kubernetes" } ] } }, "credit": [ { "lang": "eng", "value": "Gafnit Amiga" } ], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A security issue was discovered in ingress-nginx where a user that can create or update ingress objects can use the spec.rules[].http.paths[].path field of an Ingress object (in the networking.k8s.io or extensions API group) to obtain the credentials of the ingress-nginx controller. In the default configuration, that credential has access to all secrets in the cluster." } ] }, "generator": { "engine": "Vulnogram 0.0.9" }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.6, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-20: Improper Input Validation" } ] } ] }, "references": { "reference_data": [ { "name": "https://groups.google.com/g/kubernetes-security-announce/c/7vQrpDZeBlc", "refsource": "MISC", "url": "https://groups.google.com/g/kubernetes-security-announce/c/7vQrpDZeBlc" }, { "name": "https://github.com/kubernetes/ingress-nginx/issues/8502", "refsource": "MISC", "url": "https://github.com/kubernetes/ingress-nginx/issues/8502" }, { "name": "https://security.netapp.com/advisory/ntap-20220609-0006/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20220609-0006/" } ] }, "source": { "defect": [ "https://github.com/kubernetes/ingress-nginx/issues/8502" ], "discovery": "EXTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "a6081bf6-c852-4425-ad4f-a67919267565", "assignerShortName": "kubernetes", "cveId": "CVE-2021-25745", "datePublished": "2022-05-06T00:50:14.042796Z", "dateReserved": "2021-01-21T00:00:00", "dateUpdated": "2024-09-16T18:24:11.711Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }