CVE-2023-42816 - OpenCVE

Kyverno is a policy engine designed for Kubernetes. A security vulnerability was found in Kyverno where an attacker could cause denial of service of Kyverno. The vulnerability was in Kyvernos Notary verifier. An attacker would need control over the registry from which Kyverno would fetch signatures. With such a position, the attacker could return a malicious response to Kyverno, when Kyverno would send a request to the registry. The malicious response would cause denial of service of Kyverno, such that other users' admission requests would be blocked from being processed. This is a vulnerability in a new component released in v1.11.0. The only users affected by this are those that have been building Kyverno from source at the main branch which is not encouraged. Users consuming official Kyverno releases are not affected. There are no known cases of this vulnerability being exploited in the wild.

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction Required

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Nirmata	Kyverno

Configuration 1 [-]

cpe:2.3:a:nirmata:kyverno:1.11.0:-:*:*:*:go:*:*

References

Link	Resource
https://github.com/kyverno/kyverno/commit/80d139bb5d1d9d7e907abe851b97dc73821a5be2	Patch
https://github.com/kyverno/kyverno/commit/fec2992e3f9fcd6b9c62267522c09b182e7df73b	Patch
https://github.com/kyverno/kyverno/pull/8428	Patch
https://github.com/kyverno/kyverno/security/advisories/GHSA-4mp4-46gq-hv3r	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: GitHub_M

Published: 2023-11-13T20:23:16.248Z

Updated: 2023-11-14T18:54:09.977Z

Reserved: 2023-09-14T16:13:33.308Z

Link: CVE-2023-42816

JSON object: View

NVD Information

Status : Analyzed

Published: 2023-11-13T21:15:08.127

Modified: 2023-11-21T13:55:36.270

Link: CVE-2023-42816

JSON object: View

Redhat Information

No data.

CWE

{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"cveId": "CVE-2023-42816", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2023-09-14T16:13:33.308Z", "datePublished": "2023-11-13T20:23:16.248Z", "dateUpdated": "2023-11-14T18:54:09.977Z"}, "containers": {"cna": {"title": "Denial of service from malicious signature in kyverno", "problemTypes": [{"descriptions": [{"cweId": "CWE-345", "lang": "en", "description": "CWE-345: Insufficient Verification of Data Authenticity", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:N/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/kyverno/kyverno/security/advisories/GHSA-4mp4-46gq-hv3r", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/kyverno/kyverno/security/advisories/GHSA-4mp4-46gq-hv3r"}, {"name": "https://github.com/kyverno/kyverno/pull/8428", "tags": ["x_refsource_MISC"], "url": "https://github.com/kyverno/kyverno/pull/8428"}, {"name": "https://github.com/kyverno/kyverno/commit/80d139bb5d1d9d7e907abe851b97dc73821a5be2", "tags": ["x_refsource_MISC"], "url": "https://github.com/kyverno/kyverno/commit/80d139bb5d1d9d7e907abe851b97dc73821a5be2"}, {"name": "https://github.com/kyverno/kyverno/commit/fec2992e3f9fcd6b9c62267522c09b182e7df73b", "tags": ["x_refsource_MISC"], "url": "https://github.com/kyverno/kyverno/commit/fec2992e3f9fcd6b9c62267522c09b182e7df73b"}], "affected": [{"vendor": "kyverno", "product": "kyverno", "versions": [{"version": ">= 80d139bb5d1d9d7e907abe851b97dc73821a5be2, < fec2992e3f9fcd6b9c62267522c09b182e7df73b", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2023-11-14T18:54:09.977Z"}, "descriptions": [{"lang": "en", "value": "Kyverno is a policy engine designed for Kubernetes. A security vulnerability was found in Kyverno where an attacker could cause denial of service of Kyverno. The vulnerability was in Kyvernos Notary verifier. An attacker would need control over the registry from which Kyverno would fetch signatures. With such a position, the attacker could return a malicious response to Kyverno, when Kyverno would send a request to the registry. The malicious response would cause denial of service of Kyverno, such that other users' admission requests would be blocked from being processed. This is a vulnerability in a new component released in v1.11.0. The only users affected by this are those that have been building Kyverno from source at the main branch which is not encouraged. Users consuming official Kyverno releases are not affected. There are no known cases of this vulnerability being exploited in the wild."}], "source": {"advisory": "GHSA-4mp4-46gq-hv3r", "discovery": "UNKNOWN"}}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:nirmata:kyverno:1.11.0:-:*:*:*:go:*:*", "matchCriteriaId": "60D64C55-D7D4-4EAC-8A8F-2611CABBECDA", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Kyverno is a policy engine designed for Kubernetes. A security vulnerability was found in Kyverno where an attacker could cause denial of service of Kyverno. The vulnerability was in Kyvernos Notary verifier. An attacker would need control over the registry from which Kyverno would fetch signatures. With such a position, the attacker could return a malicious response to Kyverno, when Kyverno would send a request to the registry. The malicious response would cause denial of service of Kyverno, such that other users' admission requests would be blocked from being processed. This is a vulnerability in a new component released in v1.11.0. The only users affected by this are those that have been building Kyverno from source at the main branch which is not encouraged. Users consuming official Kyverno releases are not affected. There are no known cases of this vulnerability being exploited in the wild."}, {"lang": "es", "value": "Kyverno es un motor de pol\u00edticas dise\u00f1ado para Kubernetes. Se encontr\u00f3 una vulnerabilidad de seguridad en Kyverno donde un atacante podr\u00eda provocar la denegaci\u00f3n de servicio de Kyverno. La vulnerabilidad estaba en el verificador de Kyvernos Notary. Un atacante necesitar\u00eda controlar el registro del que Kyverno obtendr\u00eda firmas. Con tal posici\u00f3n, el atacante podr\u00eda devolver una respuesta maliciosa a Kyverno, cuando Kyverno enviar\u00eda una solicitud al registro. La respuesta maliciosa provocar\u00eda la denegaci\u00f3n de servicio de Kyverno, de modo que se bloquear\u00eda el procesamiento de las solicitudes de admisi\u00f3n de otros usuarios. Esta es una vulnerabilidad en un nuevo componente lanzado en la versi\u00f3n 1.11.0. Los \u00fanicos usuarios afectados por esto son aquellos que han estado compilando Kyverno desde la fuente en la sucursal principal, lo cual no es recomendable. Los usuarios que consumen versiones oficiales de Kyverno no se ven afectados. No se conocen casos de explotaci\u00f3n de esta vulnerabilidad en la naturaleza."}], "id": "CVE-2023-42816", "lastModified": "2023-11-21T13:55:36.270", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 4.0, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2023-11-13T21:15:08.127", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/kyverno/kyverno/commit/80d139bb5d1d9d7e907abe851b97dc73821a5be2"}, {"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/kyverno/kyverno/commit/fec2992e3f9fcd6b9c62267522c09b182e7df73b"}, {"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/kyverno/kyverno/pull/8428"}, {"source": "security-advisories@github.com", "tags": ["Vendor Advisory"], "url": "https://github.com/kyverno/kyverno/security/advisories/GHSA-4mp4-46gq-hv3r"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-345"}], "source": "security-advisories@github.com", "type": "Secondary"}]}