CVE-2023-30622 - Vulnerability Details - OpenCVE

Clusternet is a general-purpose system for controlling Kubernetes clusters across different environments. An issue in clusternet prior to version 0.15.2 can be leveraged to lead to a cluster-level privilege escalation. The clusternet has a deployment called `cluster-hub` inside the `clusternet-system` Kubernetes namespace, which runs on worker nodes randomly. The deployment has a service account called `clusternet-hub`, which has a cluster role called `clusternet:hub` via cluster role binding. The `clusternet:hub` cluster role has `"*" verbs of "*.*"` resources. Thus, if a malicious user can access the worker node which runs the clusternet, they can leverage the service account to do malicious actions to critical system resources. For example, the malicious user can leverage the service account to get ALL secrets in the entire cluster, resulting in cluster-level privilege escalation. Version 0.15.2 contains a fix for this issue.

No CVSS v4.0

Attack Vector Local

Attack Complexity High

Privileges Required High

Scope Changed

Confidentiality Impact High

Integrity Impact Low

Availability Impact Low

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Clusternet	Clusternet

Configuration 1 [-]

cpe:2.3:a:clusternet:clusternet:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://github.com/clusternet/clusternet/releases/tag/v0.15.2
https://github.com/clusternet/clusternet/security/advisories/GHSA-833c-xh79-p429

History

Tue, 04 Feb 2025 19:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2023-04-24T15:34:05.430Z

Updated: 2025-02-04T18:52:55.490Z

Reserved: 2023-04-13T13:25:18.832Z

Link: CVE-2023-30622

Vulnrichment

Updated: 2024-08-02T14:28:51.797Z

NVD

Status : Modified

Published: 2023-04-24T16:15:07.917

Modified: 2024-11-21T08:00:31.813

Link: CVE-2023-30622

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-30622", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2023-04-13T13:25:18.832Z", "datePublished": "2023-04-24T15:34:05.430Z", "dateUpdated": "2025-02-04T18:52:55.490Z"}, "containers": {"cna": {"title": "Clusternet has potential risk which can be leveraged to make a cluster-level privilege escalation", "problemTypes": [{"descriptions": [{"cweId": "CWE-269", "lang": "en", "description": "CWE-269: Improper Privilege Management", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 6.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:L/A:L", "version": "3.1"}}], "references": [{"name": "https://github.com/clusternet/clusternet/security/advisories/GHSA-833c-xh79-p429", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/clusternet/clusternet/security/advisories/GHSA-833c-xh79-p429"}, {"name": "https://github.com/clusternet/clusternet/releases/tag/v0.15.2", "tags": ["x_refsource_MISC"], "url": "https://github.com/clusternet/clusternet/releases/tag/v0.15.2"}], "affected": [{"vendor": "clusternet", "product": "clusternet", "versions": [{"version": "< 0.15.2", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2023-04-24T15:34:05.430Z"}, "descriptions": [{"lang": "en", "value": "Clusternet is a general-purpose system for controlling Kubernetes clusters across different environments. An issue in clusternet prior to version 0.15.2 can be leveraged to lead to a cluster-level privilege escalation. The clusternet has a deployment called `cluster-hub` inside the `clusternet-system` Kubernetes namespace, which runs on worker nodes randomly. The deployment has a service account called `clusternet-hub`, which has a cluster role called `clusternet:hub` via cluster role binding. The `clusternet:hub` cluster role has `\"*\" verbs of \"*.*\"` resources. Thus, if a malicious user can access the worker node which runs the clusternet, they can leverage the service account to do malicious actions to critical system resources. For example, the malicious user can leverage the service account to get ALL secrets in the entire cluster, resulting in cluster-level privilege escalation. Version 0.15.2 contains a fix for this issue."}], "source": {"advisory": "GHSA-833c-xh79-p429", "discovery": "UNKNOWN"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T14:28:51.797Z"}, "title": "CVE Program Container", "references": [{"name": "https://github.com/clusternet/clusternet/security/advisories/GHSA-833c-xh79-p429", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/clusternet/clusternet/security/advisories/GHSA-833c-xh79-p429"}, {"name": "https://github.com/clusternet/clusternet/releases/tag/v0.15.2", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/clusternet/clusternet/releases/tag/v0.15.2"}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-02-04T18:52:43.244715Z", "id": "CVE-2023-30622", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-04T18:52:55.490Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://github.com/clusternet/clusternet/security/advisories/GHSA-833c-xh79-p429", "name": "https://github.com/clusternet/clusternet/security/advisories/GHSA-833c-xh79-p429", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "https://github.com/clusternet/clusternet/releases/tag/v0.15.2", "name": "https://github.com/clusternet/clusternet/releases/tag/v0.15.2", "tags": ["x_refsource_MISC", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T14:28:51.797Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-30622", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-02-04T18:52:43.244715Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-04T18:52:51.492Z"}}], "cna": {"title": "Clusternet has potential risk which can be leveraged to make a cluster-level privilege escalation", "source": {"advisory": "GHSA-833c-xh79-p429", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.6, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "LOW", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "clusternet", "product": "clusternet", "versions": [{"status": "affected", "version": "< 0.15.2"}]}], "references": [{"url": "https://github.com/clusternet/clusternet/security/advisories/GHSA-833c-xh79-p429", "name": "https://github.com/clusternet/clusternet/security/advisories/GHSA-833c-xh79-p429", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/clusternet/clusternet/releases/tag/v0.15.2", "name": "https://github.com/clusternet/clusternet/releases/tag/v0.15.2", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "Clusternet is a general-purpose system for controlling Kubernetes clusters across different environments. An issue in clusternet prior to version 0.15.2 can be leveraged to lead to a cluster-level privilege escalation. The clusternet has a deployment called `cluster-hub` inside the `clusternet-system` Kubernetes namespace, which runs on worker nodes randomly. The deployment has a service account called `clusternet-hub`, which has a cluster role called `clusternet:hub` via cluster role binding. The `clusternet:hub` cluster role has `\"*\" verbs of \"*.*\"` resources. Thus, if a malicious user can access the worker node which runs the clusternet, they can leverage the service account to do malicious actions to critical system resources. For example, the malicious user can leverage the service account to get ALL secrets in the entire cluster, resulting in cluster-level privilege escalation. Version 0.15.2 contains a fix for this issue."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-269", "description": "CWE-269: Improper Privilege Management"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2023-04-24T15:34:05.430Z"}}}, "cveMetadata": {"cveId": "CVE-2023-30622", "state": "PUBLISHED", "dateUpdated": "2025-02-04T18:52:55.490Z", "dateReserved": "2023-04-13T13:25:18.832Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2023-04-24T15:34:05.430Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:clusternet:clusternet:*:*:*:*:*:*:*:*", "matchCriteriaId": "4AE4F69E-D2B2-404F-AF91-14D543CE1CE6", "versionEndIncluding": "0.15.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Clusternet is a general-purpose system for controlling Kubernetes clusters across different environments. An issue in clusternet prior to version 0.15.2 can be leveraged to lead to a cluster-level privilege escalation. The clusternet has a deployment called `cluster-hub` inside the `clusternet-system` Kubernetes namespace, which runs on worker nodes randomly. The deployment has a service account called `clusternet-hub`, which has a cluster role called `clusternet:hub` via cluster role binding. The `clusternet:hub` cluster role has `\"*\" verbs of \"*.*\"` resources. Thus, if a malicious user can access the worker node which runs the clusternet, they can leverage the service account to do malicious actions to critical system resources. For example, the malicious user can leverage the service account to get ALL secrets in the entire cluster, resulting in cluster-level privilege escalation. Version 0.15.2 contains a fix for this issue."}], "id": "CVE-2023-30622", "lastModified": "2024-11-21T08:00:31.813", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 0.8, "impactScore": 5.3, "source": "security-advisories@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.0, "impactScore": 6.0, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-04-24T16:15:07.917", "references": [{"source": "security-advisories@github.com", "tags": ["Release Notes"], "url": "https://github.com/clusternet/clusternet/releases/tag/v0.15.2"}, {"source": "security-advisories@github.com", "tags": ["Vendor Advisory"], "url": "https://github.com/clusternet/clusternet/security/advisories/GHSA-833c-xh79-p429"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes"], "url": "https://github.com/clusternet/clusternet/releases/tag/v0.15.2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://github.com/clusternet/clusternet/security/advisories/GHSA-833c-xh79-p429"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-269"}], "source": "security-advisories@github.com", "type": "Secondary"}]}