
exploitDog

CVE-2022-3262

Published: 21 Sep 2022
Source: redhat
CVSS3: 8.1
EPSS: Low

Description

A flaw was found in Openshift. A pod with a DNSPolicy of "ClusterFirst" may incorrectly resolve the hostname based on a service provided. This flaw allows an attacker to supply an incorrect name with the DNS search policy, affecting confidentiality and availability.

Report

This is a known issue upstream: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/#namespaces-and-dns
To guard against redirection attacks, system administrators can pre-create the namespaces for TLDs or use a third-party solution to block users from creating those namespaces.

Affected packages

| Platform | Package | State | Recommendation | Release |
|---|---|---|---|---|
| Red Hat OpenShift Container Platform 4 | openshift | Will not fix | | |

Additional information

Status: Moderate
Defect: CWE-453
https://bugzilla.redhat.com/show_bug.cgi?id=2128858 openshift: insecure default DNSPolicy for pods

EPSS

Percentile: 62%
0.00427
Low

CVSS3: 8.1 High

Related vulnerabilities

CVSS3: 8.1
nvd
about 3 years ago

A flaw was found in Openshift. A pod with a DNSPolicy of "ClusterFirst" may incorrectly resolve the hostname based on a service provided. This flaw allows an attacker to supply an incorrect name with the DNS search policy, affecting confidentiality and availability.

CVSS3: 8.1
github
about 3 years ago

A flaw was found in Openshift. A pod with a DNSPolicy of "ClusterFirst" may incorrectly resolve the hostname based on a service provided. This flaw allows an attacker to supply an incorrect name with the DNS search policy, affecting confidentiality and availability.
