Lucene search

GitHub_MVULNRICHMENT:CVE-2024-42363

HistoryAug 20, 2024 - 8:20 p.m.

CVE-2024-42363 GHSL-2023-136_Samson

2024-08-2020:20:03

CWE-502

GitHub_M

github.com

cve-2024-42363

ghsl-2023-136_samson

kubernetes

role configuration

remote code execution (rce)

yaml deserialization

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.7

Confidence

Low

EPSS

Percentile

10.9%

SSVC

Exploitation

poc

Automatable

Technical Impact

total

JSON

Prior to 3385, the user-controlled role parameter enters the application in the Kubernetes::RoleVerificationsController. The role parameter flows into the RoleConfigFile initializer and then into the Kubernetes::Util.parse_file method where it is unsafely deserialized using the YAML.load_stream method. This issue may lead to Remote Code Execution (RCE). This vulnerability is fixed in 3385.

CNA Affected

[
  {
    "vendor": "Zendesk",
    "product": "Samson",
    "versions": [
      {
        "status": "affected",
        "version": "< 3385"
      }
    ]
  }
]

ADP Affected

[
  {
    "cpes": [
      "cpe:2.3:a:zendesk:samson:*:*:*:*:*:*:*:*"
    ],
    "vendor": "zendesk",
    "product": "samson",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "3385",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  }
]

References

github.com/zendesk/samson/blob/107efb4a252425966aac5e77d0c3670f9b5d7229/plugins/kubernetes/app/controllers/kubernetes/role_verifications_controller.rb#L10

github.com/zendesk/samson/blob/107efb4a252425966aac5e77d0c3670f9b5d7229/plugins/kubernetes/app/controllers/kubernetes/role_verifications_controller.rb#L7

github.com/zendesk/samson/blob/107efb4a252425966aac5e77d0c3670f9b5d7229/plugins/kubernetes/app/models/kubernetes/role_config_file.rb#L80

github.com/zendesk/samson/blob/107efb4a252425966aac5e77d0c3670f9b5d7229/plugins/kubernetes/app/models/kubernetes/util.rb#L9

github.com/zendesk/samson/pull/4071

securitylab.github.com/advisories/GHSL-2023-136_Samson/

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.7

Confidence

Low

EPSS

Percentile

10.9%

SSVC

Exploitation

poc

Automatable

Technical Impact

total

JSON

Related for VULNRICHMENT:CVE-2024-42363