External Secrets Operator is a Kubernetes operator that integrates external secret management systems. The external-secrets installation has a deployment called default-external-secrets-cert-controller, which is bound to a ClusterRole of the same name. This ClusterRole has the "get" and "list" verbs on secrets resources. It also has the "patch" and "update" verbs on validatingwebhookconfigurations resources. The deployment's service account (SA) token can therefore be abused to retrieve ALL secrets in the whole cluster, to capture and log all data from requests attempting to update Secrets, or to make a webhook deny all Pod create and update requests. This vulnerability is fixed in 0.10.2.
History

Wed, 18 Sep 2024 18:00:00 +0000

Type                 Values Removed   Values Added
First Time appeared  -                External-secrets external Secrets Operator
Weaknesses           -                CWE-732
CPEs                 -                cpe:2.3:a:external-secrets:external_secrets_operator:*:*:*:*:*:*:*:*
Vendors & Products   -                External-secrets external Secrets Operator

Mon, 09 Sep 2024 17:30:00 +0000

Type                 Values Removed   Values Added
First Time appeared  -                External-secrets
                                      External-secrets external-secrets
CPEs                 -                cpe:2.3:a:external-secrets:external-secrets:*:*:*:*:*:*:*:*
Vendors & Products   -                External-secrets
                                      External-secrets external-secrets
Metrics              -                ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 09 Sep 2024 15:00:00 +0000

Type                 Values Removed   Values Added
Description          -                External Secrets Operator is a Kubernetes operator that integrates external secret management systems. The external-secrets installation has a deployment called default-external-secrets-cert-controller, which is bound to a ClusterRole of the same name. This ClusterRole has the "get" and "list" verbs on secrets resources. It also has the "patch" and "update" verbs on validatingwebhookconfigurations resources. The deployment's service account (SA) token can therefore be abused to retrieve ALL secrets in the whole cluster, to capture and log all data from requests attempting to update Secrets, or to make a webhook deny all Pod create and update requests. This vulnerability is fixed in 0.10.2.
Title                -                External Secrets Operator vulnerable to privilege escalation
Weaknesses           -                CWE-269
References           -                -
Metrics              -                cvssV3_1: {'score': 8.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H'}


MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2024-09-09T14:54:31.066Z

Updated: 2024-09-09T17:11:22.575Z

Reserved: 2024-08-21T17:53:51.330Z

Link: CVE-2024-45041

Vulnrichment

Updated: 2024-09-09T17:11:13.148Z

NVD

Status: Analyzed

Published: 2024-09-09T15:15:11.940

Modified: 2024-09-18T17:31:53.903

Link: CVE-2024-45041

Redhat

No data.