CVE-2022-36103 — Incorrect Permission Assignment in Talos
Severity
8.8 HIGH (NVD)
EPSS
0.3% (top 49.23%)
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
Published: Sep 13
Latest update: Aug 21
Description
Talos Linux is a Linux distribution built for Kubernetes deployments. Talos worker nodes use a join token to get accepted into the Talos cluster. Due to improper validation of the request while signing a worker node CSR (certificate signing request), a Talos control plane node might issue a Talos API certificate that allows full access to the Talos API on a control plane node. Accessing the Talos API with full-level access on a control plane node might reveal sensitive information which allows full level ac…
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 2.8 | Impact: 5.9
Affected Packages: 3 packages
Patches
Vulnerability Details
OSV: Talos worker join token can be used to get elevated access level to the Talos API in github.com/talos-systems/talos (2024-08-21)