Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
hackeroneNjaysecH1:877303
HistoryMay 18, 2020 - 5:25 p.m.

Kubernetes: Internal IP addresses range and AWS cluster region leaked in a Github repository

2020-05-1817:25:09
njaysec
hackerone.com
35
JSON

Report Submission Form

Summary:

I was exploring the GitHub repository and found some internal IP address and its cluster region related to AWS cluster. So i decided to report it to you. Please have a look and let me know.

Steps To Reproduce:

VISIT THIS LINK :
Repository - kubernetes / kubernetes
File Link - https://github.com/kubernetes/kubernetes/blob/d4d02a9028337e41b4f7a76e4e7de50067e8529e/cluster/aws/config-default.sh

Supporting Material/References:

Reference:
https://hackerone.com/reports/329791
https://hackerone.com/reports/271700
https://hackerone.com/reports/310036

Impact

  1. These IPs are related to AWS cloud, if someone get enter in the Vnet can also exploit machine on the machines already known.
  2. Gives the idea of the organization of internal network.
  3. Revealing the AWS cluster region can also narrow down the search of any hacker and make their work easy
  4. This will allow attackers to gain access to an internal IP of a DOD website along with other sensitive information that may be leaked with the request
JSON