Kubernetes - HackerOne Reports
View on HackerOne75
Total Reports
0
Critical
14
High
33
Medium
17
Low
Index Out Of Bounds in protobuf unmarshalling
Reported by:
pulpkk
|
Disclosed:
Weakness: Buffer Over-read
Subdomain Takeover Via via Dangling NS records on Amazon Route 53 http://api.e2e-kops-aws-canary.test-cncf-aws.canary.k8s.io
Reported by:
todayisnew
|
Disclosed:
Medium
Weakness: Improper Authentication - Generic
Bounty: $250.00
CVEs:
CVE-2017-14389
AWS Load Balancer Controller can be used by an attacker to modify rules of any Security Group that they are able to tag
Reported by:
t0rr3sp3dr0
|
Disclosed:
Medium
Weakness: Resource Injection
Bounty: $500.00
AWS Load Balancer Controller Managed Security Groups can be replaced by an unprivileged attacker
Reported by:
t0rr3sp3dr0
|
Disclosed:
Medium
Weakness: Resource Injection
Bounty: $500.00
KOPS documentation references domains which were not registered
Reported by:
sml555
|
Disclosed:
Low
Weakness: Privilege Escalation
Authenticated kubernetes principal with restricted permissions can retrieve ingress-nginx serviceaccount token and secrets across all namespaces
Reported by:
libio
|
Disclosed:
High
Weakness: Privilege Escalation
IPv4 only clusters susceptible to MitM attacks via IPv6 rogue router advertisements
Reported by:
champtar
|
Disclosed:
Medium
Weakness: Man-in-the-Middle
Man in the middle leading to root privilege escalation using hostNetwork=true (CAP_NET_RAW considered harmful)
Reported by:
champtar
|
Disclosed:
Medium
Weakness: Man-in-the-Middle
Broken Link Hijacking on kubernetes.io Documentation
Reported by:
codermak
|
Disclosed:
Low
Weakness: Improper Access Control - Generic
kubectl creating secrets from stringData leaves secret in plain text
Reported by:
max_lan
|
Disclosed:
Low
Weakness: Cleartext Storage of Sensitive Information
"Self" DOS with large deployment and scaling
Reported by:
wiardvanrij
|
Disclosed:
Low
Weakness: Uncontrolled Resource Consumption
Loading YAML in Java client can lead to command execution
Reported by:
j0v
|
Disclosed:
Medium
Weakness: Deserialization of Untrusted Data
Bounty: $1000.00
Sensitive Information disclosure Through Config File
Reported by:
a1c3venom
|
Disclosed:
Weakness: Information Disclosure
Clickjacking
Reported by:
hackerboy404
|
Disclosed:
Weakness: UI Redressing (Clickjacking)
Github Account Takeover from Docs page of `kubernetes-csi.github.io`
Reported by:
codermak
|
Disclosed:
Low
Weakness: Improper Access Control - Generic
Broken Domain Link Takeover from kubernetes.io docs
Reported by:
0xlegendkiller
|
Disclosed:
Low
Weakness: Insecure Temporary File
Bounty: $100.00
exposed Git Repo at http://api.e2e-kops-aws-canary.test-cncf-aws.canary.k8s.io/.git/
Reported by:
zevfw5pp
|
Disclosed:
High
Weakness: Information Disclosure
No valid SPF record found
Reported by:
aravindn
|
Disclosed:
Weakness: Improper Authentication - Generic
Broken link hijacing in https://kubernetes-csi.github.io/docs/drivers.html
Reported by:
tendermint
|
Disclosed:
Medium
Weakness: Violation of Secure Design Principles
Holes in EndpointSlice Validation Enable Host Network Hijack
Reported by:
howardjohn
|
Disclosed:
Low
Weakness: Privilege Escalation