3 matches found
Security Bulletin: IBM InfoSphere Information Server is affected by multiple vulnerabilities in Kubernetes ingress-nginx
Summary Multiple vulnerabilities in Kubernetes ingress-nginx used by IBM InfoSphere Information Server were addressed. Vulnerability Details CVEID:CVE-2022-4886 DESCRIPTION: Kubernetes could allow a remote authenticated attacker to obtain sensitive information, caused by a flaw with path...
Urgent: New Security Flaws Discovered in NGINX Ingress Controller for Kubernetes
Three unpatched high-severity security flaws have been disclosed in the NGINX Ingress controller for Kubernetes that could be weaponized by a threat actor to steal secret credentials from the cluster. The vulnerabilities are as follows - CVE-2022-4886 CVSS score: 8.8 - Ingress-nginx path...
CVE-2022-4886
CVE-2022-4886 is an Ingress-Nginx vulnerability where path sanitization can be bypassed via the log_format directive. IBM and OSV entries describe an impact: a remote authenticated attacker could obtain credentials information from Kubernetes Ingress Controller (ALB) deployments affected by this ...