Unrated severityNVD Advisory· Published Nov 3, 2023· Updated Feb 13, 2025
Kubernetes - API server - Aggregated API server can cause clients to be redirected (SSRF)
CVE-2022-3172
Description
A security issue was discovered in kube-apiserver that allows an aggregated API server to redirect client traffic to any URL. This could lead to the client performing unexpected actions as well as forwarding the client's API server credentials to third parties.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Kubernetes/kube-apiserverv5Range: v1.25.0
Patches
Vulnerability mechanics
References
3- github.com/kubernetes/kubernetes/issues/112513mitreissue-tracking
- groups.google.com/g/kubernetes-security-announce/c/_aLzYMpPRakmitremailing-list
- security.netapp.com/advisory/ntap-20231221-0005/mitre
News mentions
0No linked articles in our index yet.