CVE-2022-36089

Authentication Bypass by Capture-replay in go/github.com/kubevela/kubevela

Identifiers

CVE-2022-36089, GHSA-cq42-w295-r29q

Package Slug

go/github.com/kubevela/kubevela

Vulnerability

Authentication Bypass by Capture-replay

Description

KubeVela is an application delivery platform. Users of KubeVela's VelaUX APIServer could be affected by an authentication bypass vulnerability. In KubeVela prior to versions 1.4.11 and 1.5.4, VelaUX APIServer uses the PlatformID as the signing key to generate the JWT tokens for users. Another API, getSystemInfo, exposes the platformID. This vulnerability allows users to use the platformID to re-generate JWT tokens and bypass authentication. Versions 1.4.11 and 1.5.4 contain a patch for this issue.
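To make the weakness concrete, the following is an added example (not KubeVela's code): a minimal HS256 mint/verify pair in Go, where the flawed configuration keys the HMAC with the platformID (a constructed value standing in for the one getSystemInfo returns) and the corrected design uses a random secret that only the server holds. Function names and the sample platformID are assumptions; a token derived from the public identifier verifies under the flawed key and is rejected under the dedicated secret.

```go
package main

import (
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"errors"
	"strings"
)

// Constructed stand-in for an installation's platformID; API clients can read it.
const platformID = "example-platform-id-0000"
var enc = base64.RawURLEncoding

func hmacSHA256(key []byte, input string) []byte {
	mac := hmac.New(sha256.New, key)
	mac.Write([]byte(input))
	return mac.Sum(nil)
}

// mintHS256 returns a compact JWT (header.payload.signature) signed with key.
func mintHS256(key []byte, claims map[string]string) string {
	header, _ := json.Marshal(map[string]string{"alg": "HS256", "typ": "JWT"})
	payload, _ := json.Marshal(claims)
	input := enc.EncodeToString(header) + "." + enc.EncodeToString(payload)
	return input + "." + enc.EncodeToString(hmacSHA256(key, input))
}

// verifyHS256 returns the claims JSON only if the signature was made with key.
func verifyHS256(key []byte, token string) ([]byte, error) {
	parts := strings.Split(token, ".")
	if len(parts) != 3 {
		return nil, errors.New("malformed token")
	}
	sig, err := enc.DecodeString(parts[2])
	if err != nil || !hmac.Equal(sig, hmacSHA256(key, parts[0]+"."+parts[1])) {
		return nil, errors.New("invalid signature")
	}
	return enc.DecodeString(parts[1])
}

// newSigningKey is the fixed design: a random secret that only the server holds.
func newSigningKey() ([]byte, error) {
	key := make([]byte, 32)
	_, err := rand.Read(key)
	return key, err
}
```

The detection-side takeaway is the same as the fix: any value returned by an unauthenticated or low-privilege API must be treated as public and can never serve as a token signing key.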

Affected Versions

All versions starting from 1.4.0 before 1.4.11, all versions starting from 1.5.0 before 1.5.3

Solution

Upgrade to versions 1.4.11, 1.5.3 or above.

Last Modified

2022-09-19
