Lucene search

GitHub Advisory DatabaseGHSA-757P-VX43-FP9R

HistoryJul 21, 2023 - 8:18 p.m.

KubePi Privilege Escalation vulnerability

2023-07-2120:18:00

CWE-269

GitHub Advisory Database

github.com

kubepi

privilege escalation

user permissions

admin

security vulnerability

user management

software

9.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:L

0.001 Low

EPSS

Percentile

23.5%

JSON

Summary

A normal user has permission to create/update users, they can become admin by editing the isadmin value in the request

PoC

Change the value of the isadmin field in the request to true:
https://drive.google.com/file/d/1e8XJbIFIDXaFiL-dqn0a0b6u7o3CwqSG/preview

Impact

Elevate user privileges

Affected configurations

Vulners

Node

kubeoperatorkubepiRange<1.6.5

CPENameOperatorVersion
github.com/kubeoperator/kubepilt1.6.5

CPE	Name	Operator	Version
	github.com/kubeoperator/kubepi	lt	1.6.5

References

drive.google.com/file/d/1e8XJbIFIDXaFiL-dqn0a0b6u7o3CwqSG/preview

github.com/1Panel-dev/KubePi/releases/tag/v1.6.5

github.com/1Panel-dev/KubePi/security/advisories/GHSA-757p-vx43-fp9r

github.com/advisories/GHSA-757p-vx43-fp9r

nvd.nist.gov/vuln/detail/CVE-2023-37917