A security issue was discovered in Kubernetes where actors that control the responses of MutatingWebhookConfiguration or…
kubernetes·CWE-441·Published 2021-09-20
A security issue was discovered in Kubernetes where actors that control the responses of MutatingWebhookConfiguration or ValidatingWebhookConfiguration requests are able to redirect kube-apiserver requests to private networks of the apiserver. If that user can view kube-apiserver logs when the log level is set to 10, they can view the redirected responses and headers in the logs.
A security issue was discovered in Kubernetes where actors that control the responses of MutatingWebhookConfiguration or ValidatingWebhookConfiguration requests are able to redirect kube-apiserver requests to private networks of the apiserver. If that user can view kube-apiserver logs when the log level is set to 10, they can view the redirected responses and headers in the logs.
A security issue was discovered in Kubernetes where actors that control the responses of MutatingWebhookConfiguration or ValidatingWebhookConfiguration requests are able to redirect kube-apiserver requests to private networks of the apiserver. If that user can view kube-apiserver logs when the log level is set to 10, they can view the redirected responses and headers in the logs.
A security issue was discovered in Kubernetes where actors that control the responses of MutatingWebhookConfiguration or ValidatingWebhookConfiguration requests are able to redirect kube-apiserver requests to private networks of the apiserver. If that user can view kube-apiserver logs when the log level is set to 10, they can view the redirected responses and headers in the logs.
Se ha detectado un problema de seguridad en Kubernetes donde los actores que controlan las respuestas de las peticiones MutatingWebhookConfiguration o ValidatingWebhookConfiguration son capaces de redirigir las peticiones de kube-apiserver a redes privadas del apiserver. Si ese usuario puede visualizar los registros de kube-apiserver cuando el nivel de registro se establece en 10, puede visualizar las respuestas redirigidas y los encabezados en los registros
| Version | Type | Source | Base | Exp | Impact | Vector |
|---|---|---|---|---|---|---|
| 2.0 | Primary | NVD | 4.0 | 8.0 | 2.9 | AV:N/AC:L/Au:S/C:P/I:N/A:N |
| 3.1 | Primary | cve.org | 4.1 | — | — | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N |
| 3.1 | Primary | NVD | 4.1 | 2.3 | 1.4 | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N |
| 3.1 | Primary | cve.org | 4.1 | — | — | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N |
| 3.1 | Secondary | NVD | 4.1 | 2.3 | 1.4 | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N |
| 3.1 | Secondary | GHSA | 4.1 | — | — | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N |