阿里云漏洞库

漏洞描述

A flaw was found in Kubernetes, where users may have access to secure endpoints in the control plane network. Kubernetes supports node proxying, which allows clients of kube-apiserver to access endpoints of a Kubelet to establish connections to Pods, retrieve container logs, and more. While Kubernetes already validates the proxying address for Nodes, a bug in the kube-apiserver made it possible to bypass this validation. Bypassing this validation allows authenticated requests destined for Nodes to redirect to the API Server through its private network.

解决建议

建议您更新当前系统或软件至最新版，完成漏洞的修复。

参考链接
https://github.com/kubernetes/kubernetes/issues/113757
https://groups.google.com/g/kubernetes-security-announce/c/VyPOxF7CIbA
https://security.netapp.com/advisory/ntap-20230505-0007/

受影响软件情况

1
#	类型	厂商	产品	版本	影响面
	运行在以下环境
	应用	kubernetes	kubernetes	*		Up to (excluding) 1.22.16
	运行在以下环境
	应用	kubernetes	kubernetes	*	From (including) 1.23.0	Up to (excluding) 1.23.14
	运行在以下环境
	应用	kubernetes	kubernetes	*	From (including) 1.24.0	Up to (excluding) 1.24.8
	运行在以下环境
	应用	kubernetes	kubernetes	*	From (including) 1.25.0	Up to (excluding) 1.25.4
	运行在以下环境
	系统	debian_11	kubernetes	*		Up to (excluding) 1.20.5+really1.20.2-1
	运行在以下环境
	系统	debian_12	kubernetes	*		Up to (excluding) 1.20.5+really1.20.2-1
	运行在以下环境
	系统	fedora_35	kubernetes	*		Up to (excluding) 1.22.16-1.fc35
	运行在以下环境
	系统	fedora_37	kubernetes	*		Up to (excluding) 1.25.4-3.fc37
	运行在以下环境
	系统	oracle_7	kubeadm	*		Up to (excluding) 1.4.9-2.el7
	运行在以下环境
	系统	oracle_8	kubeadm	*		Up to (excluding) 1.21.14-3.el8

攻击路径

本地
攻击复杂度

困难
权限要求

普通权限
影响范围

有限影响
EXP成熟度

未验证
补丁情况

官方补丁
数据保密性

无影响
数据完整性

无影响
服务器危害

无影响
全网数量

N/A

CWE-ID	漏洞类型
CWE-288	使用候选路径或通道进行的认证绕过
NVD-CWE-noinfo

中危 fedora_37 kubernetes-kubeadm 使用候选路径或通道进行的认证绕过

漏洞描述

解决建议

参考链接

受影响软件情况