CVE-2021-25740 - OpenCVE

A security issue was discovered with Kubernetes that could enable users to send network traffic to locations they would otherwise not have access to via a confused deputy attack.

Attack Vector Network

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication Single

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:M/Au:S/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Kubernetes	Kubernetes

Configuration 1 [-]

cpe:2.3:a:kubernetes:kubernetes:-:*:*:*:*:*:*:*

References

Link	Resource
https://github.com/kubernetes/kubernetes/issues/103675	Mitigation Third Party Advisory
https://groups.google.com/g/kubernetes-security-announce/c/WYE9ptrhSLE	Mailing List Mitigation Third Party Advisory
https://security.netapp.com/advisory/ntap-20211014-0001/	Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: kubernetes

Published: 2021-07-14T00:00:00

Updated: 2021-10-14T08:06:14

Reserved: 2021-01-21T00:00:00

Link: CVE-2021-25740

JSON object: View

NVD Information

Status : Analyzed

Published: 2021-09-20T17:15:08.283

Modified: 2021-11-06T02:49:08.723

Link: CVE-2021-25740

JSON object: View

Redhat Information

No data.

CWE

{"containers": {"cna": {"affected": [{"product": "Kubernetes", "vendor": "Kubernetes", "versions": [{"lessThanOrEqual": "1.20.11", "status": "affected", "version": "unspecified", "versionType": "custom"}, {"lessThan": "unspecified", "status": "unknown", "version": "next of 1.20.11", "versionType": "custom"}, {"lessThanOrEqual": "1.21.5", "status": "affected", "version": "unspecified", "versionType": "custom"}, {"lessThan": "unspecified", "status": "unknown", "version": "next of 1.21.5", "versionType": "custom"}, {"lessThanOrEqual": "1.22.2", "status": "affected", "version": "unspecified", "versionType": "custom"}, {"lessThan": "unspecified", "status": "unknown", "version": "next of 1.22.2", "versionType": "custom"}]}], "credits": [{"lang": "en", "value": "Rob Scott"}], "datePublic": "2021-07-14T00:00:00", "descriptions": [{"lang": "en", "value": "A security issue was discovered with Kubernetes that could enable users to send network traffic to locations they would otherwise not have access to via a confused deputy attack."}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.1, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-441", "description": "CWE-441 Unintended Proxy or Intermediary", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-10-14T08:06:14", "orgId": "a6081bf6-c852-4425-ad4f-a67919267565", "shortName": "kubernetes"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://groups.google.com/g/kubernetes-security-announce/c/WYE9ptrhSLE"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/kubernetes/kubernetes/issues/103675"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://security.netapp.com/advisory/ntap-20211014-0001/"}], "source": {"defect": ["https://github.com/kubernetes/kubernetes/issues/103675"], "discovery": "EXTERNAL"}, "title": "Holes in EndpointSlice Validation Enable Host Network Hijack", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@kubernetes.io", "DATE_PUBLIC": "2021-07-14T21:23:00.000Z", "ID": "CVE-2021-25740", "STATE": "PUBLIC", "TITLE": "Holes in EndpointSlice Validation Enable Host Network Hijack"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Kubernetes", "version": {"version_data": [{"version_affected": "<=", "version_value": "1.20.11"}, {"version_affected": ">?", "version_value": "1.20.11"}, {"version_affected": "<=", "version_value": "1.21.5"}, {"version_affected": ">?", "version_value": "1.21.5"}, {"version_affected": "<=", "version_value": "1.22.2"}, {"version_affected": ">?", "version_value": "1.22.2"}]}}]}, "vendor_name": "Kubernetes"}]}}, "credit": [{"lang": "eng", "value": "Rob Scott"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A security issue was discovered with Kubernetes that could enable users to send network traffic to locations they would otherwise not have access to via a confused deputy attack."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.1, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-441 Unintended Proxy or Intermediary"}]}]}, "references": {"reference_data": [{"name": "https://groups.google.com/g/kubernetes-security-announce/c/WYE9ptrhSLE", "refsource": "MISC", "url": "https://groups.google.com/g/kubernetes-security-announce/c/WYE9ptrhSLE"}, {"name": "https://github.com/kubernetes/kubernetes/issues/103675", "refsource": "MISC", "url": "https://github.com/kubernetes/kubernetes/issues/103675"}, {"name": "https://security.netapp.com/advisory/ntap-20211014-0001/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20211014-0001/"}]}, "source": {"defect": ["https://github.com/kubernetes/kubernetes/issues/103675"], "discovery": "EXTERNAL"}}}}, "cveMetadata": {"assignerOrgId": "a6081bf6-c852-4425-ad4f-a67919267565", "assignerShortName": "kubernetes", "cveId": "CVE-2021-25740", "datePublished": "2021-07-14T00:00:00", "dateReserved": "2021-01-21T00:00:00", "dateUpdated": "2021-10-14T08:06:14", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:kubernetes:kubernetes:-:*:*:*:*:*:*:*", "matchCriteriaId": "14C32308-314D-4E0D-B15F-6A68DF21E9F9", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A security issue was discovered with Kubernetes that could enable users to send network traffic to locations they would otherwise not have access to via a confused deputy attack."}, {"lang": "es", "value": "Se ha detectado un problema de seguridad en Kubernetes que podr\u00eda permitir a usuarios enviar tr\u00e1fico de red a lugares a los que de otro modo no tendr\u00edan acceso por medio de un ataque de tipo confused deputy"}], "id": "CVE-2021-25740", "lastModified": "2021-11-06T02:49:08.723", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 3.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 6.8, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.1, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.1, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 1.4, "source": "jordan@liggitt.net", "type": "Secondary"}]}, "published": "2021-09-20T17:15:08.283", "references": [{"source": "jordan@liggitt.net", "tags": ["Mitigation", "Third Party Advisory"], "url": "https://github.com/kubernetes/kubernetes/issues/103675"}, {"source": "jordan@liggitt.net", "tags": ["Mailing List", "Mitigation", "Third Party Advisory"], "url": "https://groups.google.com/g/kubernetes-security-announce/c/WYE9ptrhSLE"}, {"source": "jordan@liggitt.net", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20211014-0001/"}], "sourceIdentifier": "jordan@liggitt.net", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-610"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-441"}], "source": "jordan@liggitt.net", "type": "Secondary"}]}