CVE-2022-47633
HIGH WAF: Low
CVSS 8.1
Published: 2022-12-23
CWE-287 CWE-287
An image signature validation bypass vulnerability in Kyverno 1.8.3 and 1.8.4 allows a malicious image registry (or a man-in-the-middle attacker) to inject unsigned arbitrary container images into a protected Kubernetes cluster. This is fixed in 1.8.5. This has been fixed in 1.8.5 and mitigations are available for impacted releases.
WAF Coverage Analysis
Improper Authentication
Low WAF Coverage
OWASP: A07:2021 Identification and Authentication Failures
Improper Authentication
Low WAF Coverage
OWASP: A07:2021 Identification and Authentication Failures
Affected Software
| Vendor | Product | Version |
|---|---|---|
| kyverno | kyverno | 1.8.3 |
| kyverno | kyverno | 1.8.4 |
References
- github.com (Patch, Third Party Advisory)
- github.com (Patch, Third Party Advisory)
- github.com (Release Notes, Third Party Advisory)
- github.com (Patch, Third Party Advisory)
- kyverno.io (Product)