CVE-2022-36089 HIGH

CVE-2022-36089: VelaUX APIServer vulnerable to Authentication Bypass by Capture-replay

Vendor Kubevela
Product kubevela
Weakness CWE-294
Published September 7, 2022
Last update April 23, 2025

CVSS base score

8.2/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality Low
Integrity High

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N

What the vulnerability does

01Description

KubeVela is an application delivery platform Users using KubeVela's VelaUX APIServer could be affected by an authentication bypass vulnerability. In KubeVela prior to versions 1.4.11 and 1.5.4, VelaUX APIServer uses the `PlatformID` as the signed key to generate the JWT tokens for users. Another API called `getSystemInfo` exposes the platformID. This vulnerability allows users to use the platformID to re-generate the JWT tokens to bypass the authentication. Versions 1.4.11 and 1.5.4 contain a patch for this issue.

Key dates

02Disclosure timeline

September 7, 2022 CVE published
April 23, 2025 Record updated