cnvd - cnvd-2022-55173

CNVD-2022-55173

Vulnerability from cnvd - Published: 2022-08-04

Title

F5 NGINX Ingress Controller输入验证错误漏洞

Description

NGINX Ingress Controller是F5公司的一款可与NGINX和NGINX Plus配合使用，并支持标准的入口功能 - 基于内容的路由和TLS / SSL卸载的应用。 F5 NGINX Ingress Controller存在输入验证错误漏洞，被授权可创建或更新Ingress对象的攻击者可利用该漏洞获取NGINX Ingress Controller中所有可用的secret对象。

Severity

中

Patch Name

F5 NGINX Ingress Controller输入验证错误漏洞的补丁

Patch Description

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://support.f5.com/csp/article/K52125139

Reference

https://support.f5.com/csp/article/K52125139

Impacted products

Name
['F5 NGINX Ingress Controller >=2.0.0，<=2.2.0', 'F5 NGINX Ingress Controller >=1.1.0，<=1.12.4']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2022-30535",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2022-30535"
    }
  },
  "description": "NGINX Ingress Controller\u662fF5\u516c\u53f8\u7684\u4e00\u6b3e\u53ef\u4e0eNGINX\u548cNGINX Plus\u914d\u5408\u4f7f\u7528\uff0c\u5e76\u652f\u6301\u6807\u51c6\u7684\u5165\u53e3\u529f\u80fd - \u57fa\u4e8e\u5185\u5bb9\u7684\u8def\u7531\u548cTLS / SSL\u5378\u8f7d\u7684\u5e94\u7528\u3002\n\nF5 NGINX Ingress Controller\u5b58\u5728\u8f93\u5165\u9a8c\u8bc1\u9519\u8bef\u6f0f\u6d1e\uff0c\u88ab\u6388\u6743\u53ef\u521b\u5efa\u6216\u66f4\u65b0Ingress\u5bf9\u8c61\u7684\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6NGINX Ingress Controller\u4e2d\u6240\u6709\u53ef\u7528\u7684secret\u5bf9\u8c61\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://support.f5.com/csp/article/K52125139",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2022-55173",
  "openTime": "2022-08-04",
  "patchDescription": "NGINX Ingress Controller\u662fF5\u516c\u53f8\u7684\u4e00\u6b3e\u53ef\u4e0eNGINX\u548cNGINX Plus\u914d\u5408\u4f7f\u7528\uff0c\u5e76\u652f\u6301\u6807\u51c6\u7684\u5165\u53e3\u529f\u80fd - \u57fa\u4e8e\u5185\u5bb9\u7684\u8def\u7531\u548cTLS / SSL\u5378\u8f7d\u7684\u5e94\u7528\u3002\r\n\r\nF5 NGINX Ingress Controller\u5b58\u5728\u8f93\u5165\u9a8c\u8bc1\u9519\u8bef\u6f0f\u6d1e\uff0c\u88ab\u6388\u6743\u53ef\u521b\u5efa\u6216\u66f4\u65b0Ingress\u5bf9\u8c61\u7684\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6NGINX Ingress Controller\u4e2d\u6240\u6709\u53ef\u7528\u7684secret\u5bf9\u8c61\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "F5 NGINX Ingress Controller\u8f93\u5165\u9a8c\u8bc1\u9519\u8bef\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "F5 NGINX Ingress Controller \u003e=2.0.0\uff0c\u003c=2.2.0",
      "F5 NGINX Ingress Controller \u003e=1.1.0\uff0c\u003c=1.12.4"
    ]
  },
  "referenceLink": "https://support.f5.com/csp/article/K52125139",
  "serverity": "\u4e2d",
  "submitTime": "2022-08-03",
  "title": "F5 NGINX Ingress Controller\u8f93\u5165\u9a8c\u8bc1\u9519\u8bef\u6f0f\u6d1e"
}

CVE-2022-30535 (GCVE-0-2022-30535)

Vulnerability from cvelistv5 – Published: 2022-08-04 17:45 – Updated: 2024-09-16 20:07

Summary

In versions 2.x before 2.3.0 and all versions of 1.x, An attacker authorized to create or update ingress objects can obtain the secrets available to the NGINX Ingress Controller. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Severity ?

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CWE

CWE-20 - Improper Input Validation

Assigner

References

URL

Tags

https://support.f5.com/csp/article/K52125139

x_refsource_MISC

Impacted products

	Vendor	Product	Version
	F5	NGINX Ingress Controller	Affected: 2.x , < 2.3.0 (custom) Affected: 1.0.0 , < 1.x* (custom)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T06:48:36.417Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K52125139"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "NGINX Ingress Controller",
          "vendor": "F5",
          "versions": [
            {
              "lessThan": "2.3.0",
              "status": "affected",
              "version": "2.x",
              "versionType": "custom"
            },
            {
              "lessThan": "1.x*",
              "status": "affected",
              "version": "1.0.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2022-08-03T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In versions 2.x before 2.3.0 and all versions of 1.x, An attacker authorized to create or update ingress objects can obtain the secrets available to the NGINX Ingress Controller. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20 Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-08-04T17:45:41",
        "orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
        "shortName": "f5"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://support.f5.com/csp/article/K52125139"
        }
      ],
      "source": {
        "discovery": "INTERNAL"
      },
      "title": "NGINX Ingress Controller vulnerability CVE-2022-30535",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "f5sirt@f5.com",
          "DATE_PUBLIC": "2022-08-03T14:00:00.000Z",
          "ID": "CVE-2022-30535",
          "STATE": "PUBLIC",
          "TITLE": "NGINX Ingress Controller vulnerability CVE-2022-30535"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "NGINX Ingress Controller",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "2.x",
                            "version_value": "2.3.0"
                          },
                          {
                            "version_affected": "\u003e=",
                            "version_name": "1.x",
                            "version_value": "1.0.0"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "F5"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In versions 2.x before 2.3.0 and all versions of 1.x, An attacker authorized to create or update ingress objects can obtain the secrets available to the NGINX Ingress Controller. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-20 Improper Input Validation"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.f5.com/csp/article/K52125139",
              "refsource": "MISC",
              "url": "https://support.f5.com/csp/article/K52125139"
            }
          ]
        },
        "source": {
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
    "assignerShortName": "f5",
    "cveId": "CVE-2022-30535",
    "datePublished": "2022-08-04T17:45:41.852883Z",
    "dateReserved": "2022-07-19T00:00:00",
    "dateUpdated": "2024-09-16T20:07:20.068Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2022-55173

CVE-2022-30535 (GCVE-0-2022-30535)

Tags

Sightings

Nomenclature