Impact
Linux users running Lens could be compromised by visiting a malicious website. The malicious website could make websocket connections from the victim's browser to Lens and so operate the local terminal feature. This would allow the attacker to execute arbitrary commands as the Lens user.
To exploit
- Lens needs to be running on Linux
- The attacker needs to know the cluster ID of at least one of the victim's clusters
- The victim needs to visit a malicious site
Patches
Fixed in #4285. Users should upgrade to 5.2.7 or later.
Workarounds
None.
References
None.
For more information
If you have any questions or comments about this advisory:
stevenjohnstone Analyst
Impact
Linux users running Lens could be compromised by visiting a malicious website. The malicious website could make websocket connections from the victim's browser to Lens and so operate the local terminal feature. This would allow the attacker to execute arbitrary commands as the Lens user.
To exploit
Patches
Fixed in #4285. Users should upgrade to 5.2.7 or later.
Workarounds
None.
References
None.
For more information
If you have any questions or comments about this advisory: