Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

x/vulndb: potential Go vuln in github.com/Azure/aad-pod-identity: CVE-2022-23551 #1183

Closed
GoVulnBot opened this issue Dec 21, 2022 · 1 comment
Closed

x/vulndb: potential Go vuln in github.com/Azure/aad-pod-identity: CVE-2022-23551 #1183

GoVulnBot opened this issue Dec 21, 2022 · 1 comment
Assignees
@timothy-king
Labels
duplicate

Comments

@GoVulnBot
Copy link

CVE-2022-23551 references github.com/Azure/aad-pod-identity, which may be a Go module.

Description:
aad-pod-identity assigns Azure Active Directory identities to Kubernetes applications and has now been deprecated as of 24 October 2022. The NMI component in AAD Pod Identity intercepts and validates token requests based on regex. In this case, a token request made with backslash in the request (example: /metadata/identity\oauth2\token/) would bypass the NMI validation and be sent to IMDS allowing a pod in the cluster to access identities that it shouldn't have access to. This issue has been fixed and has been included in AAD Pod Identity release version 1.8.13. If using the AKS pod-managed identities add-on, no action is required. The clusters should now be running the version 1.8.13 release.

References:

Cross references:
No existing reports found with this module or alias.

See doc/triage.md for instructions on how to triage this report.

modules:
  - module: github.com/Azure/aad-pod-identity
    packages:
      - package: aad-pod-identity
description: |
    aad-pod-identity assigns Azure Active Directory identities to Kubernetes applications and has now been deprecated as of 24 October 2022. The NMI component in AAD Pod Identity intercepts and validates token requests based on regex. In this case, a token request made with backslash in the request (example: `/metadata/identity\oauth2\token/`) would bypass the NMI validation and be sent to IMDS allowing a pod in the cluster to access identities that it shouldn't have access to. This issue has been fixed and has been included in AAD Pod Identity release version 1.8.13. If using the AKS pod-managed identities add-on, no action is required. The clusters should now be running the version 1.8.13 release.
cves:
  - CVE-2022-23551
references:
  - web: https://github.com/Azure/aad-pod-identity/security/advisories/GHSA-p82q-rxpm-hjpc
  - fix: https://github.com/Azure/aad-pod-identity/commit/7e01970391bde6c360d077066ca17d059204cb5d
  - web: https://github.com/Azure/aad-pod-identity/releases/tag/v1.8.13
@timothy-king
Copy link
Contributor

Duplicate of #1181

@timothy-king timothy-king marked this as a duplicate of #1181 Dec 21, 2022
@timothy-king timothy-king self-assigned this Dec 21, 2022
# for free to join this conversation on GitHub. Already have an account? # to comment
Assignees

@timothy-king timothy-king

Labels
duplicate
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@timothy-king @GoVulnBot