CVE-2022-23509

Weave Gitops Run vulnerable to insecure communication

Severity Score

6.0

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Weave GitOps is a simple open source developer platform for people who want cloud native applications, without needing Kubernetes expertise. GitOps run has a local S3 bucket which it uses for synchronizing files that are later applied against a Kubernetes cluster. The communication between GitOps Run and the local S3 bucket is not encrypted. This allows privileged users or process to tap the local traffic to gain information permitting access to the s3 bucket. From that point, it would be possible to alter the bucket content, resulting in changes in the Kubernetes cluster's resources. There are no known workaround(s) for this vulnerability. This vulnerability has been fixed by commits ce2bbff and babd915. Users should upgrade to Weave GitOps version >= v0.12.0 released on 08/12/2022.

Weave GitOps es una sencilla plataforma de desarrollo de código abierto para personas que desean aplicaciones nativas de la nube, sin necesidad de experiencia en Kubernetes. La ejecución de GitOps tiene un depósito S3 local que utiliza para sincronizar archivos que luego se aplican en un clúster de Kubernetes. La comunicación entre GitOps Run y el depósito S3 local no está cifrada. Esto permite a los usuarios o procesos privilegiados aprovechar el tráfico local para obtener información que permita el acceso al depósito s3. A partir de ese punto, sería posible alterar el contenido del depósito, lo que daría como resultado cambios en los recursos del clúster de Kubernetes. No se conocen workarounds para esta vulnerabilidad. Esta vulnerabilidad se solucionó mediante las confirmaciones ce2bbff y babd915. Los usuarios deben actualizar a la versión Weave GitOps >= v0.12.0 lanzada el 12/08/2022.

*Credits: N/A

Attack Vector

Local

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

None

Attack Vector

Adjacent

Attack Complexity

High

Privileges Required

High

User Interaction

Required

Scope

Changed

Confidentiality

High

Integrity

High

Availability

High

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2022-01-19 CVE Reserved
2023-01-09 CVE Published
2024-08-01 EPSS Updated
2024-08-03 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CWE-319: Cleartext Transmission of Sensitive Information

CAPEC

References (3)

URL	Tag	Source
https://github.com/weaveworks/weave-gitops/security/advisories/GHSA-89qm-wcmw-3mgg	Third Party Advisory

URL	Date	SRC

URL	Date	SRC
https://github.com/weaveworks/weave-gitops/pull/3098/commits/babd91574b99b310b84aeec9f8f895bd18acb967	2023-11-07
https://github.com/weaveworks/weave-gitops/pull/3106/commits/ce2bbff0a3609c33396050ed544a5a21f8d0797f	2023-11-07

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Weave Search vendor "Weave"		Weave Gitops Search vendor "Weave" for product "Weave Gitops"				< 0.12.0 Search vendor "Weave" for product "Weave Gitops" and version " < 0.12.0"		-		Affected