CVE-2022-36103

🗓️ 13 Sep 2022 17:05:10Reported by GitHub_MType

cve🔗 web.nvd.nist.gov📰️ 4 Media mentions👁 401 Views

Improper validation in Talos Linux allows full access to API on control plane node

Reporter	Title	Published	Views	Family All 15
BDU FSTEC	The vulnerability of Talos Linux operating system interfaces allows a perpetrator to gain unauthorized access to protected information.	4 Oct 202200:00	–	bdu_fstec
Circl	CVE-2022-36103	13 Sep 202220:25	–	circl
CNNVD	Talos Linux 安全漏洞	13 Sep 202200:00	–	cnnvd
Cvelist	CVE-2022-36103 Talos worker join token can be used to get elevated access level to the Talos API	13 Sep 202217:05	–	cvelist
EUVD	EUVD-2022-6732	3 Oct 202520:07	–	euvd
Github Security Blog	Talos worker join token can be used to get elevated access level to the Talos API	16 Sep 202217:21	–	github
NVD	CVE-2022-36103	13 Sep 202217:15	–	nvd
OSV	CVE-2022-36103 Talos worker join token can be used to get elevated access level to the Talos API	13 Sep 202217:05	–	osv
OSV	GHSA-7HGC-PHP5-77QQ Talos worker join token can be used to get elevated access level to the Talos API	16 Sep 202217:21	–	osv
OSV	GO-2022-0995 Talos worker join token can be used to get elevated access level to the Talos API in github.com/talos-systems/talos	21 Aug 202416:03	–	osv

NVD

Vulners

Node

siderolabs talos_linuxRange<1.2.2

[
  {
    "product": "talos",
    "vendor": "siderolabs",
    "versions": [
      {
        "status": "affected",
        "version": "< 1.2.2"
      }
    ]
  }
]

Source	Link
github	www.github.com/siderolabs/talos/releases/tag/v1.2.2
github	www.github.com/siderolabs/talos/security/advisories/GHSA-7hgc-php5-77qq
github	www.github.com/siderolabs/talos/commit/9eaf33f3f274e746ca1b442c0a1a0dae0cec088f

17 Jun 2026 04:52Current

7.7High risk

Vulners AI Score7.7

CVSS 3.17.2 - 8.8

EPSS0.00509

SSVC