Improper header sanitization in bored-agent causes escalation of privilege

Release Date

2022/01/24

Overview

Bored-agent failed to sanitize incoming kubernetes impersonation headers allowing a user to override assigned user name and groups.

Affected Products

Bored-agent prior to v0.6.1

Vulnerability Information

CVE Identifier

CVE-2022-0270

CVSSv3.1

8.8 (HIGH) CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWEs

CWE-284

Mitigations

Upgrade to v0.6.1 or later. In most installations, this should be automatic.

Work arounds

None

Acknowledgements

Found by Mirantis PSIRT

Disclosure Timeline

2022/01/24: public advisory released

2022/01/18: fixed in lensapp/bored-agent#144

2022/01/18: Mirantis PSIRT reported vulnerability to Lens team

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

0004.md

0004.md

Improper header sanitization in bored-agent causes escalation of privilege

Release Date

Overview

Affected Products

Vulnerability Information

CVE Identifier

CVSSv3.1

CWEs

Mitigations

Work arounds

Acknowledgements

Disclosure Timeline

Files

0004.md

Latest commit

History

0004.md

File metadata and controls

Improper header sanitization in bored-agent causes escalation of privilege

Release Date

Overview

Affected Products

Vulnerability Information

CVE Identifier

CVSSv3.1

CWEs

Mitigations

Work arounds

Acknowledgements

Disclosure Timeline