CVE-2025-1097

A security issue was discovered in ingress-nginx https://github.com/kubernetes/ingress-nginx where the `auth-tls-match-cn` Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to the controller. (Note that in the default installation, the controller can access all Secrets cluster-wide.)

CVSS v3 8.8 HIGH

8.8^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://github.com/kubernetes/kubernetes/issues/131007
https://security.netapp.com/advisory/ntap-20250328-0008/

Configurations

No configuration.

History

03 Nov 2025, 21:18

Type	Values Removed	Values Added
References		() https://security.netapp.com/advisory/ntap-20250328-0008/ -

27 Mar 2025, 16:45

Type	Values Removed	Values Added
Summary		(es) Se detectó un problema de seguridad en ingress-nginx (https://github.com/kubernetes/ingress-nginx) donde la anotación de Ingress `auth-tls-match-cn` puede usarse para inyectar configuración en nginx. Esto puede provocar la ejecución de código arbitrario en el contexto del controlador de ingress-nginx y la divulgación de secretos accesibles para el controlador. (Tenga en cuenta que, en la instalación predeterminada, el controlador puede acceder a todos los secretos del clúster).

25 Mar 2025, 00:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-03-25 00:15

Updated : 2025-11-03 21:18

NVD link : CVE-2025-1097

Mitre link : CVE-2025-1097

CVE.ORG link : CVE-2025-1097

JSON object : View

Products Affected

No product.

CWE

CWE-20

Improper Input Validation

8.8 /10