Kubernetes - API server - Aggregated API server can cause clients to be redirected (SSRF)
CVE-2022-3172

8.2HIGH

Key Information:

Vendor: Kubernetes
Status: Kube-apiserver
Vendor: CVE Published:; 3 November 2023

What is CVE-2022-3172?

A security issue in kube-apiserver allows an aggregated API server to redirect client traffic to unauthorized URLs. This vulnerability poses risks, as clients may unknowingly perform unintended actions while their API server credentials could be exposed to malicious third parties. Users are advised to review and update their systems to mitigate potential exploitation.

Affected Version(s)

kube-apiserver v1.25.0

kube-apiserver v1.24.0

kube-apiserver v1.23.0

References

https://github.com/kubernetes/kubernetes/issues/112513

issue-tracking

https://groups.google.com/g/kubernetes-security-announce/...

mailing-list

https://security.netapp.com/advisory/ntap-20231221-0005/

CVSS V3.1

Score:

8.2

Severity:

HIGH

Confidentiality:

High

Integrity:

Low

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 3, 2023
Vulnerability Reserved
Sep 9, 2022

Credit

Nicolas Joly

Weinong Wang