Incorrect resource transfer between spheres in coreDNS



Risk Low
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2022-2837
CWE-ID CWE-669
Exploitation vector Network
Public exploit N/A
Vulnerable software
CoreDNS
Server applications / DNS servers

Vendor CoreDNS

Security Bulletin

This security bulletin contains one low risk vulnerability.

1) Incorrect Resource Transfer Between Spheres

EUVDB-ID: #VU98769

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-2837

CWE-ID: CWE-669 - Incorrect Resource Transfer Between Spheres

Exploit availability: No

Description

The vulnerability allows a remote user to redirect traffic.

The vulnerability exists due to improper sanitization of user-supplied data. A remote user can redirect traffic intended for external top-level domains (TLD) to a pod they control by creating projects and namespaces that match the TLD.

Mitigation

Install update from vendor's website.

Vulnerable software versions

CoreDNS: All versions

CPE2.3 External links

http://bugzilla.redhat.com/show_bug.cgi?id=2118543


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###