Main Vulnerability Database Vulnerabilities #VU49490

#VU49490 Information disclosure in Azure Active Directory Pod Identity for Kubernets - CVE-2021-1677

Published: January 12, 2021 / Updated: January 12, 2021

Vulnerability identifier: #VU49490

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2021-1677

CWE-ID: CWE-200

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
Azure Active Directory Pod Identity for Kubernets

Software vendor:
Microsoft

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The AAD pod identity enables users to assign identities to pods in Kubernetes clusters and fetch them from the pods using a regular IMDS (Azure Instance Metadata Service) request. When an identity is assigned to a pod, the pod can access to the IMDS endpoint and get a token of that identity. An attacker who successfully exploited this vulnerability can laterally steal the identities that are associated with different pods.

Remediation

Install updates from vendor's website.

External links

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1677

#VU49490 Information disclosure in Azure Active Directory Pod Identity for Kubernets - CVE-2021-1677

Description

Remediation

External links

Please verify you're human