Fluid Attacks Database

Description

Kubernetes Secrets Store CSI Driver plugins arbitrary file write Kubernetes Secrets Store CSI Driver Vault Plugin prior to v0.0.6, Azure Plugin prior to v0.0.10, and GCP Plugin prior to v0.2.0 allow an attacker who can create specially-crafted SecretProviderClass objects to write to arbitrary file paths on the host filesystem, including /var/lib/kubelet/pods.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
go	github.com/azure/secrets-store-csi-driver-provider-azure	>=0 <0.0.10	0.0.10
go	github.com/googlecloudplatform/secrets-store-csi-driver-provider-gcp	>=0 <0.2.0	0.2.0
go	github.com/hashicorp/vault-csi-provider	>=0 <0.0.6	0.0.6
go	github.com/hashicorp/secrets-store-csi-driver-provider-vault	>=0 <0.0.6	v0.0.6

Aliases

1. CVE-2020-85672. NVD-2020-85673. OSV-2020-85674. GCVE-2020-8567

References

1. https://github.com/kubernetes-sigs/secrets-store-csi-driver/issues/3842. https://github.com/Azure/secrets-store-csi-driver-provider-azure/pull/2983. https://github.com/GoogleCloudPlatform/secrets-store-csi-driver-provider-gcp/pull/744. https://github.com/hashicorp/secrets-store-csi-driver-provider-vault/pull/505. https://groups.google.com/g/kubernetes-secrets-store-csi-driver/c/BI2qisiNXHY

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.