Lucene search
Https://gitlab.com/gitlab-org/security-products/gemnasium-dbGITLAB-E7320C71A67DA38972A1F5C45D17F785HistoryJul 13, 2022 - 12:00 a.m.
aws-iam-authenticator allow-listed IAM identity may be able to modify their username, escalate privileges before v0.5.9
2022-07-1300:00:00
https://gitlab.com/gitlab-org/security-products/gemnasium-db
gitlab.com
2
0.001 Low
EPSS
Percentile
37.2%
A security issue was discovered in aws-iam-authenticator where an allow-listed IAM identity may be able to modify their username and escalate privileges.
| CPE | Name | Operator | Version |
|---|---|---|---|
| go/sigs.k8s.io/aws-iam-authenticator | lt | 0.5.9 |
References
github.com/advisories/GHSA-pp3f-98qg-5g75
github.com/kubernetes-sigs/aws-iam-authenticator/issues/472
github.com/kubernetes-sigs/aws-iam-authenticator/pull/469
github.com/kubernetes-sigs/aws-iam-authenticator/releases/tag/v0.5.9
groups.google.com/a/kubernetes.io/g/dev/c/EMxHpU-1ZYs
nvd.nist.gov/vuln/detail/CVE-2022-2385
Related
nessus
nessus
SUSE SLES15 Security Update : aws-iam-authenticator (SUSE-SU-2022:2583-1)
2022-07-30 00:00:00
prion
prion
Security feature bypass
2022-07-12 19:15:00
osv
osv
CVE-2022-2385
2022-07-12 19:15:08
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2022:2583-1)
2022-08-01 00:00:00
openSUSE: Security Advisory for aws-iam-authenticator (SUSE-SU-2022:2583-1)
2022-07-30 00:00:00
github
github
cve
cve
CVE-2022-2385
2022-07-12 19:15:08
redhatcve
redhatcve
CVE-2022-2385
2022-07-14 08:21:31
nvd
nvd
CVE-2022-2385
2022-07-12 19:15:08
cvelist
cvelist
CVE-2022-2385 AccessKeyID validation bypass
2022-07-11 00:00:00
suse
suse
Security update for aws-iam-authenticator (important)
2022-07-29 00:00:00
veracode
veracode
Privilege Escalation
2022-07-13 09:50:56