CVE-2022-3172
Kubernetes - API server - Aggregated API server can cause clients to be redirected (SSRF)
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
A security issue was discovered in kube-apiserver that allows an aggregated API server to redirect client traffic to any URL. This could lead to the client performing unexpected actions as well as forwarding the client's API server credentials to third parties.
Se descubrió un problema de seguridad en kube-apiserver que permite que un servidor API agregado redirija el tráfico del cliente a cualquier URL. Esto podría llevar a que el cliente realice acciones inesperadas, así como a que reenvíe las credenciales del servidor API del cliente a terceros.
A security issue was discovered in kube-apiserver that allows an aggregated API server to redirect client traffic to any URL. This issue leads to the client performing unexpected actions and forwarding the client's API server credentials to third parties.
Multicluster Engine for Kubernetes 2.2.4 images Multicluster engine for Kubernetes provides the foundational components that are necessary for the centralized management of multiple Kubernetes-based clusters across data centers, public clouds, and private clouds. You can use the engine to create new Red Hat OpenShift Container Platform clusters or to bring existing Kubernetes-based clusters under management by importing them. After the clusters are managed, you can use the APIs that are provided by the engine to distribute configuration based on placement policy.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2022-09-09 CVE Reserved
- 2023-01-18 CVE Published
- 2024-04-02 First Exploit
- 2025-02-13 CVE Updated
- 2025-07-01 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-918: Server-Side Request Forgery (SSRF)
CAPEC
- CAPEC-560: Use of Known Domain Credentials
References (6)
| URL | Tag | Source |
|---|---|---|
| https://groups.google.com/g/kubernetes-security-announce/c/_aLzYMpPRak | Mailing List | |
| https://security.netapp.com/advisory/ntap-20231221-0005 |
|
| URL | Date | SRC |
|---|---|---|
| https://github.com/UgOrange/CVE-2022-3172 | 2024-04-02 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://github.com/kubernetes/kubernetes/issues/112513 | 2023-12-21 | |
| https://access.redhat.com/security/cve/CVE-2022-3172 | 2023-06-14 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=2127804 | 2023-06-14 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Kubernetes Search vendor "Kubernetes" | Apiserver Search vendor "Kubernetes" for product "Apiserver" | <= 1.21.14 Search vendor "Kubernetes" for product "Apiserver" and version " <= 1.21.14" | - |
Affected
| ||||||
| Kubernetes Search vendor "Kubernetes" | Apiserver Search vendor "Kubernetes" for product "Apiserver" | >= 1.22.0 < 1.22.14 Search vendor "Kubernetes" for product "Apiserver" and version " >= 1.22.0 < 1.22.14" | - |
Affected
| ||||||
| Kubernetes Search vendor "Kubernetes" | Apiserver Search vendor "Kubernetes" for product "Apiserver" | >= 1.23.0 < 1.23.11 Search vendor "Kubernetes" for product "Apiserver" and version " >= 1.23.0 < 1.23.11" | - |
Affected
| ||||||
| Kubernetes Search vendor "Kubernetes" | Apiserver Search vendor "Kubernetes" for product "Apiserver" | >= 1.24.0 < 1.24.5 Search vendor "Kubernetes" for product "Apiserver" and version " >= 1.24.0 < 1.24.5" | - |
Affected
| ||||||
| Kubernetes Search vendor "Kubernetes" | Apiserver Search vendor "Kubernetes" for product "Apiserver" | 1.25.0 Search vendor "Kubernetes" for product "Apiserver" and version "1.25.0" | - |
Affected
| ||||||