Improper Privilege Management
CVE-2023-30617
Summary
Kruise provides automated management of large-scale applications on Kubernetes. In versions 0.8.0 through 1.3.0, 1.4.0, and 1.5.0 through 1.5.1, an attacker who has gained root privilege on the node where kruise-daemon runs can leverage the kruise-daemon pod to list all secrets in the entire cluster. The attacker can then use the "captured" secrets (e.g. the kruise-manager service account token) to gain extra privileges such as pod modification. Users who do not require imagepulljob functions can modify kruise-daemon-role to drop the cluster-level secret get/list privilege.
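The mitigation above can be checked mechanically. The following is an added example, not code from the Kruise project: it flags RBAC rules that grant read access to every secret and returns a copy of the role with that access removed. It assumes kruise-daemon-role is a ClusterRole exported as JSON; the sample rules, the secret name pull-cred and the function names are constructed for illustration.

```python
import copy
import json

# Constructed sample standing in for `kubectl get clusterrole kruise-daemon-role -o json`.
# The rules are illustrative and are not copied from any Kruise release.
SAMPLE_ROLE = json.loads("""
{"kind": "ClusterRole", "metadata": {"name": "kruise-daemon-role"}, "rules": [
  {"apiGroups": [""], "resources": ["pods"], "verbs": ["get", "list", "watch"]},
  {"apiGroups": [""], "resources": ["secrets"], "verbs": ["get", "list", "watch"]},
  {"apiGroups": [""], "resources": ["events", "secrets"], "verbs": ["create", "get"]},
  {"apiGroups": [""], "resources": ["secrets"], "resourceNames": ["pull-cred"], "verbs": ["get"]}
]}
""")

# The page names get/list; watch is included because it also returns object contents.
READ_VERBS = {"get", "list", "watch"}

def grants_secret_read(rule):
    """True if the rule lets the subject read every secret (no resourceNames limit)."""
    core = any(g in ("", "*") for g in rule.get("apiGroups", []))
    secrets = any(r in ("secrets", "*") for r in rule.get("resources", []))
    verbs = any(v in READ_VERBS or v == "*" for v in rule.get("verbs", []))
    return core and secrets and verbs and not rule.get("resourceNames")

def harden(role):
    """Return (indexes of offending rules, copy of role without unrestricted secret reads)."""
    findings, kept = [], []
    for idx, rule in enumerate(role.get("rules", [])):
        if not grants_secret_read(rule):
            kept.append(rule)
            continue
        findings.append(idx)
        # Other resources in the same rule keep their verbs; a bare "*" is dropped.
        others = [r for r in rule["resources"] if r not in ("secrets", "*")]
        if others:
            kept.append({**rule, "resources": others})
        # Secrets keep only non-read verbs; a "*" verb must be re-granted by hand.
        rest = [v for v in rule["verbs"] if v not in READ_VERBS and v != "*"]
        if rest:
            kept.append({**rule, "resources": ["secrets"], "verbs": rest})
    return findings, copy.deepcopy({**role, "rules": kept})

if __name__ == "__main__":
    hits, fixed = harden(SAMPLE_ROLE)
    print("rules granting unrestricted secret read:", hits)
    print(json.dumps(fixed["rules"], indent=2))
```

Rules that rely on wildcard resources or verbs are removed rather than rewritten, so review the output before applying it to a cluster.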
- LOW
- NETWORK
- HIGH
- UNCHANGED
- NONE
- HIGH
- HIGH
- NONE
CWE-269 - Improper Privilege Management
An effective privilege management infrastructure provides valid users with required access and privileges across heterogeneous technology environments. An application with a faulty privilege management infrastructure allows higher than authorized privileges or enables privilege escalation. This can lead to security incidents such as system infiltration, data breach, and complete system takeover.