Published: 01/03/2023 Updated: 05/05/2023

CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8

VMScore: 0

Users may have access to secure endpoints in the control plane network. Kubernetes clusters are only affected if an untrusted user can modify Node objects and send proxy requests to them. Kubernetes supports node proxying, which allows clients of kube-apiserver to access endpoints of a Kubelet to establish connections to Pods, retrieve container logs, and more. While Kubernetes already validates the proxying address for Nodes, a bug in kube-apiserver made it possible to bypass this validation. Bypassing this validation could allow authenticated requests destined for Nodes to to the API server's private network.

Vulnerable Product	Search on Vulmon	Subscribe to Product
kubernetes kubernetes

DescriptionA flaw was found in Kubernetes, where users may have access to secure endpoints in the control plane network Kubernetes supports node proxying, which allows clients of kube-apiserver to access endpoints of a Kubelet to establish connections to Pods, retrieve container logs, and more While Kubernetes already validates the proxyin ...

Critical Infrastructure Sectors: Critical Manufacturing

NVD-CWE-noinfo https://github.com/kubernetes/kubernetes/issues/113757 https://groups.google.com/g/kubernetes-security-announce/c/VyPOxF7CIbA https://security.netapp.com/advisory/ntap-20230505-0007/https://nvd.nist.gov https://www.cisa.gov/news-events/ics-advisories/icsa-24-046-11 https://access.redhat.com/security/cve/cve-2022-3294

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2022-3294

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

ICS Advisories

References

Vulmon Search

About

Products

Connect