CVE-2020-8567
21.01.2021, 17:15
Kubernetes Secrets Store CSI Driver Vault Plugin prior to v0.0.6, Azure Plugin prior to v0.0.10, and GCP Plugin prior to v0.2.0 allow an attacker who can create specially-crafted SecretProviderClass objects to write to arbitrary file paths on the host filesystem, including /var/lib/kubelet/pods.
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| secret_manager_provider_for_secret_store_csi_driver | 𝑥 < 0.2.0 | |
| hashicorp | vault_provider_for_secrets_store_csi_driver | 𝑥 < 0.0.6 |
| microsoft | azure_key_vault_provider_for_secrets_store_csi_driver | 𝑥 < 0.0.10 |
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
| Vendor | Product | Version | Source |
|---|---|---|---|
| kubernetes | secrets-store-csi-driver | 𝑥 < 0.0.6 | CNA |
| kubernetes | secrets-store-csi-driver | 𝑥 < 0.0.10 | CNA |
| kubernetes | secrets-store-csi-driver | 𝑥 < 0.2.0 | CNA |
Common Weakness Enumeration
- CWE-24 - Path Traversal: '../filedir'The software uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize "../" sequences that can resolve to a location that is outside of that directory.
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')The software uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the software does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
References