Skip to content
Permalink
main
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
Go to file
 
 
Cannot retrieve contributors at this time

Improper header sanitization in bored-agent causes escalation of privilege

Release Date

2022/01/24

Overview

Bored-agent failed to sanitize incoming kubernetes impersonation headers allowing a user to override assigned user name and groups.

Affected Products

Bored-agent prior to v0.6.1

Vulnerability Information

CVE Identifier

CVE-2022-0270

CVSSv3.1

8.8 (HIGH) CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWEs

CWE-284

Mitigations

Upgrade to v0.6.1 or later. In most installations, this should be automatic.

Work arounds

None

Acknowledgements

Found by Mirantis PSIRT

Disclosure Timeline

2022/01/24: public advisory released

2022/01/18: fixed in lensapp/bored-agent#144

2022/01/18: Mirantis PSIRT reported vulnerability to Lens team