C-0089 - CVE-2022-3172-aggregated-API-server-redirect

Framework

ArmoBest

Severity

Low

Description of the the issue

The API server allows an aggregated API to redirect client traffic to any URL. This could lead to the client performing unexpected actions as well as forwarding the client's API server credentials to third parties

Related resources

APIService, Service

What does this control test

List the aggregated-API-server services that could potentially be used to redirect client traffic to any URL, if the API server version is vulnerable to CVE-2022-3172

Remediation

Upgrade the Kubernetes version to one of the following versions (or higher patchs): v1.25.1, v1.24.5, v1.23.11, v1.22.14

Example