CVE-2024-45041 HIGH

CVE-2024-45041: External Secrets Operator vulnerable to privilege escalation

Vendor External-Secrets

Product external-secrets

Weakness CWE-269

Published September 9, 2024

Last update September 9, 2024

View on NVD All CVEs

CVSS base score

8.3/10

Attack vector Network

Attack complexity Low

Privileges required Low

User interaction None

Confidentiality High

Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H

What the vulnerability does

01Description

External Secrets Operator is a Kubernetes operator that integrates external secret management systems. The external-secrets has a deployment called default-external-secrets-cert-controller, which is bound with a same-name ClusterRole. This ClusterRole has "get/list" verbs of secrets resources. It also has path/update verb of validatingwebhookconfigurations resources. This can be used to abuse the SA token of the deployment to retrieve or get ALL secrets in the whole cluster, capture and log all data from requests attempting to update Secrets, or make a webhook deny all Pod create and update requests. This vulnerability is fixed in 0.10.2.

Key dates

02Disclosure timeline

September 9, 2024 CVE published

September 9, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2024-45041 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/269.html

Related vulnerabilities

CVE-2024-45041: External Secrets Operator vulnerable to privilege escalation

01Description

02Disclosure timeline

03References

04Related CVE