CVE-2024-7646
8.8
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A security issue was discovered in ingress-nginx where an actor with permission to create Ingress objects (in the networking.k8s.io or extensions API group) can bypass annotation validation to inject arbitrary commands and obtain the credentials of the ingress-nginx controller. In the default configuration, that credential has access to all secrets in the cluster.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Kubernetes | ingress-nginx | 1.11.0 < 1.11.2 | affected |
| Kubernetes | ingress-nginx | 1.11.2 | unaffected |
| Kubernetes | ingress-nginx | 1.10.4 | unaffected |
| Kubernetes | ingress-nginx | 0 < 1.10.4 | affected |
Weaknesses
- CWE-20: CWE-20 Improper Input Validation
ADP Enrichment
CVE Program Container
Additional References
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
- https://github.com/kubernetes/kubernetes/issues/126744
- https://groups.google.com/g/kubernetes-security-announce/c/a1__cKjWkfA
- https://github.com/kubernetes/ingress-nginx/pull/11719
- https://github.com/kubernetes/ingress-nginx/pull/11721
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.