Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Leverage the kruise-daemon pod to list all secrets in the entire cluster
Vulnerability Description
Kruise provides automated management of large-scale applications on Kubernetes. Starting in version 0.8.0 and prior to versions 1.3.1, 1.4.1, and 1.5.2, an attacker who has gained root privilege of the node that kruise-daemon run can leverage the kruise-daemon pod to list all secrets in the entire cluster. After that, the attacker can leverage the "captured" secrets (e.g. the kruise-manager service account token) to gain extra privileges such as pod modification. Versions 1.3.1, 1.4.1, and 1.5.2 fix this issue. A workaround is available. For users that do not require imagepulljob functions, they can modify kruise-daemon-role to drop the cluster level secret get/list privilege.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
Vulnerability Type
带着不必要的权限执行
Vulnerability Title
Kruise 安全漏洞
Vulnerability Description
Kruise是云原生计算基金会(Cloud Native Computing Foundation)的一个应用程序。 Kruise 0.8.0之后版本存在安全漏洞。攻击者利用该漏洞可以获得额外权限。
CVSS Information
N/A
Vulnerability Type
N/A