5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
0.0005 Low
EPSS
Percentile
14.3%
Report Submission Form
When creating a k8s cluster over vSphere with vSphere enabled as the cloud provider, and with the logging level set to 4 or above, secret information will be printed out in the cloud controller manager’s log.
1.18.6
legacy cloud provider
[add details for how we can reproduce the issue, including relevant cluster setup and configuration]
[list any additional material (e.g. screenshots, logs, etc.)]
Source code that prints out the secret info:
https://github.com/kubernetes/kubernetes/blob/6d0f4749a59099171540d4fd7c9523b029e71ceb/staging/src/k8s.io/legacy-cloud-providers/vsphere/vsphere.go#L1503
Calling code path:
1. cmd/kube-controller-manager/app/controllermanager.go -> Run()
2. cmd/kube-controller-manager/app/controllermanager.go -> CreateControllerContext()
3. cmd/kube-controller-manager/app/cloudproviders.go -> createCloudProvider()
4. vendor/k8s.io/cloud-provider/cloud.go -> SetInformers()
5. staging/src/k8s.io/legacy-cloud-providers/vsphere/vsphere.go -> func (vs *VSphere) SetInformers(informerFactory informers.SharedInformerFactory)
If any Kubernetes user or service account has privileges (e.g. GET pods/log in the kube-system namespace), he will be able to view all the secret data when a secret is created or updated, which may contain sensitive data such as a password or private key. Further, if the secret is a service account token, then the user may escalate his privileges.
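The logging pattern described in this report, next to a redacted alternative, as an added example that is not the Kubernetes project's code. The Secret type, the function names, the log message text and the sample values are all hypothetical and constructed; the verbosity check stands in for a level-4 verbosity-gated log call.

```go
package main

import (
	"fmt"
	"sort"
)

// Secret is a simplified, hypothetical stand-in for a Kubernetes Secret object.
type Secret struct {
	Namespace, Name, Type string
	Data                  map[string][]byte
}

// verboseDump models the risky pattern: formatting the whole object with %+v
// once verbosity reaches 4. Below that level nothing is emitted.
func verboseDump(verbosity int, s *Secret) string {
	if verbosity < 4 {
		return ""
	}
	return fmt.Sprintf("Secret added: %+v", s)
}

// redactedSummary logs identity and key names only, never the values.
func redactedSummary(s *Secret) string {
	keys := make([]string, 0, len(s.Data))
	for k := range s.Data {
		keys = append(keys, k)
	}
	sort.Strings(keys) // stable output regardless of map iteration order
	return fmt.Sprintf("Secret added: %s/%s type=%s keys=%v", s.Namespace, s.Name, s.Type, keys)
}

// sampleSecret returns constructed data for the demonstration.
func sampleSecret() *Secret {
	return &Secret{
		Namespace: "kube-system", Name: "vsphere-creds", Type: "Opaque",
		Data: map[string][]byte{"username": []byte("constructed-user"), "password": []byte("constructed-pw")},
	}
}

func main() {
	s := sampleSecret()
	fmt.Println(verboseDump(4, s)) // the byte values of every key appear in this line
	fmt.Println(redactedSummary(s))
}
```

The %+v output renders each value as a list of decimal bytes, which converts back to the original secret directly, so anyone who can read the log can recover it.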