CVE-2021-20238Improper Authentication in Redhat Openshift Machine-config-operator

CWE-287Improper AuthenticationCWE-306Missing Authentication for Critical Function3 documents3 sources
Severity
3.7LOWNVD
EPSS
0.2%
top 52.44%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Redhat Openshift Machine-config-operatorOpenshift Machine-config-operatorRedhat Openshift Container Platform
Timeline
PublishedApr 1

Description

It was found in OpenShift Container Platform 4 that ignition config, served by the Machine Config Server, can be accessed externally from clusters without authentication. The MCS endpoint (port 22623) provides ignition configuration used for bootstrapping Nodes and can include some sensitive data, e.g. registry pull secrets. There are two scenarios where this data can be accessed. The first is on Baremetal, OpenStack, Ovirt, Vsphere and KubeVirt deployments which do not have a separate internal

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 2.2 | Impact: 1.4

Affected Packages2 packages

CVEListV5openshift/machine-config-operatoraffecting versions up to, including ose-machine-config-operator-container-v4.9.0

Also affects: Openshift Container Platform 4.0

🔴Vulnerability Details

1
CVEList
CVE-2021-20238: It was found in OpenShift Container Platform 4 that ignition config, served by the Machine Config Server, can be accessed externally from clusters wit2022-04-01

📋Vendor Advisories

1
Red Hat
openshift/machine-config-operator: unauthenticated access to Machine Config Server ignition config2021-02-05
CVE-2021-20238 — Improper Authentication in Redhat | cvebase