6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
0.0005 Low
EPSS
Percentile
15.2%
A security issue was discovered in ingress-nginx where a user that can create or update ingress objects can use a newline character to bypass the sanitization of the spec.rules[].http.paths[].path
field of an Ingress object (in the networking.k8s.io
or extensions
API group) to obtain the credentials of the ingress-nginx controller. In the default configuration, that credential has access to all secrets in the cluster.
CPE | Name | Operator | Version |
---|---|---|---|
k8s.io/ingress-nginx | lt | 1.2.1 |
github.com/advisories/GHSA-863x-868h-968x
github.com/kubernetes/ingress-nginx/issues/8686
github.com/kubernetes/ingress-nginx/pull/8623
github.com/kubernetes/ingress-nginx/releases/tag/controller-v1.2.1
groups.google.com/g/kubernetes-security-announce/c/avaRYa9c7I8
nvd.nist.gov/vuln/detail/CVE-2021-25748
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
0.0005 Low
EPSS
Percentile
15.2%