CVE-2022-3172

2023-11-0320:15:08

CWE-918

kubernetes

web.nvd.nist.gov

1895

security

cve-2022-3172

kube-apiserver

api server

client traffic

credentials

CVSS3

8.2

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N

AI Score

7.9

Confidence

High

EPSS

0.001

Percentile

28.1%

JSON

A security issue was discovered in kube-apiserver that allows an
aggregated API server to redirect client traffic to any URL. This could
lead to the client performing unexpected actions as well as forwarding
the client’s API server credentials to third parties.

Affected configurations

Nvd

Node

kubernetesapiserverRange≤1.21.14

kubernetesapiserverRange1.22.0–1.22.14

kubernetesapiserverRange1.23.0–1.23.11

kubernetesapiserverRange1.24.0–1.24.5

kubernetesapiserverMatch1.25.0

VendorProductVersionCPE
kubernetesapiserver*cpe:2.3:a:kubernetes:apiserver:*:*:*:*:*:*:*:*
kubernetesapiserver1.25.0cpe:2.3:a:kubernetes:apiserver:1.25.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
kubernetes	apiserver	*	cpe:2.3:a:kubernetes:apiserver::::::::
kubernetes	apiserver	1.25.0	cpe:2.3:a:kubernetes:apiserver:1.25.0:::::::*

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "kube-apiserver",
    "repo": "https://github.com/kubernetes/kubernetes",
    "vendor": "Kubernetes",
    "versions": [
      {
        "status": "affected",
        "version": "v1.25.0"
      },
      {
        "lessThanOrEqual": "v1.24.4",
        "status": "affected",
        "version": "v1.24.0",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "v1.23.10",
        "status": "affected",
        "version": "v1.23.0",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "v1.22.13",
        "status": "affected",
        "version": "v1.22.0",
        "versionType": "semver"
      },
      {
        "status": "unaffected",
        "version": "v1.25.1"
      },
      {
        "status": "unaffected",
        "version": "v1.24.5"
      },
      {
        "status": "unaffected",
        "version": "v1.23.11"
      },
      {
        "status": "unaffected",
        "version": "v1.22.14"
      },
      {
        "lessThanOrEqual": "v1.21.14",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      }
    ]
  }
]