CVE-2022-31055 - OpenCVE

kCTF is a Kubernetes-based infrastructure for capture the flag (CTF) competitions. Prior to version 1.6.0, the kctf cluster set-src-ip-ranges was broken and allowed traffic from any IP. The problem has been patched in v1.6.0. As a workaround, those who want to test challenges privately can mark them as `public: false` and use `kctf chal debug port-forward` to connect.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:L/Au:N/C:N/I:P/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Google	Kctf

Configuration 1 [-]

cpe:2.3:a:google:kctf:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://github.com/google/kctf/commit/8cf050be974fcc2fd8aa136701f9a66f2b2a5202
https://github.com/google/kctf/pull/371
https://github.com/google/kctf/security/advisories/GHSA-4g2v-6qc6-6jv5

History

No history.

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2022-06-13T15:40:10

Updated: 2024-08-03T07:03:40.255Z

Reserved: 2022-05-18T00:00:00

Link: CVE-2022-31055

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2022-06-13T16:15:08.487

Modified: 2023-07-21T17:08:44.237

Link: CVE-2022-31055

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "kctf", "vendor": "google", "versions": [{"status": "affected", "version": "< 1.6.0"}]}], "descriptions": [{"lang": "en", "value": "kCTF is a Kubernetes-based infrastructure for capture the flag (CTF) competitions. Prior to version 1.6.0, the kctf cluster set-src-ip-ranges was broken and allowed traffic from any IP. The problem has been patched in v1.6.0. As a workaround, those who want to test challenges privately can mark them as `public: false` and use `kctf chal debug port-forward` to connect."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-284", "description": "CWE-284: Improper Access Control", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-06-13T15:40:10", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/google/kctf/security/advisories/GHSA-4g2v-6qc6-6jv5"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/google/kctf/pull/371"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/google/kctf/commit/8cf050be974fcc2fd8aa136701f9a66f2b2a5202"}], "source": {"advisory": "GHSA-4g2v-6qc6-6jv5", "discovery": "UNKNOWN"}, "title": "Improper Access Control in kctf", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security-advisories@github.com", "ID": "CVE-2022-31055", "STATE": "PUBLIC", "TITLE": "Improper Access Control in kctf"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "kctf", "version": {"version_data": [{"version_value": "< 1.6.0"}]}}]}, "vendor_name": "google"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "kCTF is a Kubernetes-based infrastructure for capture the flag (CTF) competitions. Prior to version 1.6.0, the kctf cluster set-src-ip-ranges was broken and allowed traffic from any IP. The problem has been patched in v1.6.0. As a workaround, those who want to test challenges privately can mark them as `public: false` and use `kctf chal debug port-forward` to connect."}]}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-284: Improper Access Control"}]}]}, "references": {"reference_data": [{"name": "https://github.com/google/kctf/security/advisories/GHSA-4g2v-6qc6-6jv5", "refsource": "CONFIRM", "url": "https://github.com/google/kctf/security/advisories/GHSA-4g2v-6qc6-6jv5"}, {"name": "https://github.com/google/kctf/pull/371", "refsource": "MISC", "url": "https://github.com/google/kctf/pull/371"}, {"name": "https://github.com/google/kctf/commit/8cf050be974fcc2fd8aa136701f9a66f2b2a5202", "refsource": "MISC", "url": "https://github.com/google/kctf/commit/8cf050be974fcc2fd8aa136701f9a66f2b2a5202"}]}, "source": {"advisory": "GHSA-4g2v-6qc6-6jv5", "discovery": "UNKNOWN"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T07:03:40.255Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/google/kctf/security/advisories/GHSA-4g2v-6qc6-6jv5"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/google/kctf/pull/371"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/google/kctf/commit/8cf050be974fcc2fd8aa136701f9a66f2b2a5202"}]}]}, "cveMetadata": {"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2022-31055", "datePublished": "2022-06-13T15:40:10", "dateReserved": "2022-05-18T00:00:00", "dateUpdated": "2024-08-03T07:03:40.255Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:google:kctf:*:*:*:*:*:*:*:*", "matchCriteriaId": "B80D91E1-40B9-40C1-ACD2-91D177C0EF56", "versionEndExcluding": "1.6.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "kCTF is a Kubernetes-based infrastructure for capture the flag (CTF) competitions. Prior to version 1.6.0, the kctf cluster set-src-ip-ranges was broken and allowed traffic from any IP. The problem has been patched in v1.6.0. As a workaround, those who want to test challenges privately can mark them as `public: false` and use `kctf chal debug port-forward` to connect."}, {"lang": "es", "value": "kCTF es una infraestructura basada en Kubernetes para competiciones de captura de la bandera (CTF). En versiones anteriores a 1.6.0, el cluster kctf set-src-ip-ranges estaba roto y permit\u00eda el tr\u00e1fico desde cualquier IP. El problema ha sido parcheado en versi\u00f3n v1.6.0. Como mitigaci\u00f3n, aquellos que quieran probar los retos de forma privada pueden marcarlos como \"public: false\" y usar \"kctf chal debug port-forward\" para conectarse"}], "id": "CVE-2022-31055", "lastModified": "2023-07-21T17:08:44.237", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2022-06-13T16:15:08.487", "references": [{"source": "security-advisories@github.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/google/kctf/commit/8cf050be974fcc2fd8aa136701f9a66f2b2a5202"}, {"source": "security-advisories@github.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/google/kctf/pull/371"}, {"source": "security-advisories@github.com", "tags": ["Third Party Advisory"], "url": "https://github.com/google/kctf/security/advisories/GHSA-4g2v-6qc6-6jv5"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-284"}], "source": "security-advisories@github.com", "type": "Secondary"}]}