CVE-2021-25742Improper Input Validation in Kubernetes Ingress-nginx

CWE-20Improper Input ValidationCWE-522Insufficiently Protected Credentials6 documents5 sources
Severity
7.1HIGHNVD
CNA7.6
EPSS
0.6%
top 30.17%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Kubernetes Ingress-nginxKubernetes Ingress-nginx
Timeline
PublishedOct 29
Latest updateNov 24

Description

A security issue was discovered in ingress-nginx where a user that can create or update ingress objects can use the custom snippets feature to obtain all secrets in the cluster.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:NExploitability: 2.8 | Impact: 4.2

Affected Packages2 packages

NVDkubernetes/ingress-nginx< 0.49.1+1
CVEListV5kubernetes/kubernetes_ingress-nginxunspecified0.49.0+1

🔴Vulnerability Details

2
GHSA
GHSA-4pp2-3663-mcw8: A security issue was discovered in ingress-nginx where a user that can create or update ingress objects can use the custom snippets feature to obtain2022-05-24
CVEList
Ingress-nginx custom snippets allows retrieval of ingress-nginx serviceaccount token and secrets across all namespaces2021-10-29

📋Vendor Advisories

1
Red Hat
k8s.io/ingress-nginx: Custom snippets allows retrieval of ingress-nginx serviceaccount token and secrets across all namespaces2021-10-21

💬Community

2
HackerOne
Ingress nginx annotation injection causes arbitrary command execution2023-11-24
HackerOne
Ingress-nginx annotation injection allows retrieval of ingress-nginx serviceaccount token and secrets across all namespaces2022-08-13
CVE-2021-25742 — Improper Input Validation | cvebase