Exposed Kubernetes API - RCE/Exposed Creds
Critical
Snapchat
Team Summary
Official summary from Snapchat
@txt3rob found one of Snap's internal Kubernetes instances exposing an API endpoint without authorization to the public. With access to this API he was able to run arbitrary code/jobs as a cluster-admin and gained access to credentials with internal access to a significant number of instances.
Reported by
txt3rob
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Bounty
$25000.00
Weakness
OS Command Injection