Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
2DescriptionNVD
Summary
The Fission storagesvc component registers archive CRUD handlers (/v1/archive GET / POST / DELETE and /v1/archives list) directly on its HTTP router without performing any authentication or authorization. Any caller able to reach the storagesvc ClusterIP - including any other workload in the same Kubernetes cluster - could enumerate archive IDs, download archives belonging to other tenants, upload arbitrary archive content, and delete archives.
Affected component
pkg/storagesvc/storagesvc.go- handler registration and per-route handler logic at lines 72-95 (list), 167-199 (download/delete), and 263-270 (route wiring).
Impact
A workload elsewhere in the cluster (e.g. a compromised function pod, a noisy-neighbour tenant in a multi-tenant deployment, or any pod whose egress is not constrained by NetworkPolicy) could:
- Enumerate every function deployment archive in the cluster.
- Download the deployment archive of any function in any namespace, exposing the function's source code and any embedded secrets.
- Delete archives, causing the next function specialization or rebuild to fail.
- Upload arbitrary archives that subsequent function specializations would fetch and execute.
In multi-tenant Fission deployments this completely breaks the tenant boundary for function code.
Root cause
pkg/storagesvc/storagesvc.go mounts the handlers without an authentication middleware. Network-layer controls (NetworkPolicy) were the only line of defence before this fix, and the chart shipped no NetworkPolicy for storagesvc by default, so reachability was open.
Fix
Released in v1.23.0:
- PR #3368 (commit
2455fc0c) wraps thestoragesvcarchive routes with the application-layer HMAC verifier frompkg/auth/hmacusing theServiceStoragesvcderived key. Callers (executor, fetcher, builder, CLI) sign their requests using a shared cluster master secret derived per-service via HKDF. Mismatched signatures are rejected with401. - Defence in depth: PR #3365 added a
NetworkPolicyforstoragesvcso only the executor/fetcher/builder pods can reach it network-layer (independent of authentication).
Mitigation (until upgrade)
- Enable the Helm chart's per-service NetworkPolicy (set
networkPolicy.enabled=true). - Restrict
storagesvcegress/ingress to the executor, builder, and fetcher pods only. - Avoid running untrusted workloads in the cluster that hosts Fission.
AnalysisAI
Unauthenticated archive CRUD in Fission's storagesvc (≤ v1.22.0) lets any in-cluster workload list, download, replace, or delete function deployment archives across all tenants by hitting the ClusterIP-exposed /v1/archive and /v1/archives endpoints. Because uploaded archives are later fetched and executed by function specialization, the flaw escalates from a tenant data-exposure issue to in-cluster code execution. No public exploit identified at time of analysis, but the trivial HTTP pattern and lack of auth middleware make weaponization straightforward for any attacker with a foothold pod.
Technical ContextAI
Fission is a Kubernetes-native serverless function framework where storagesvc holds function deployment archives consumed by the executor, fetcher, and builder components. The root cause is CWE-306 (Missing Authentication for Critical Function): pkg/storagesvc/storagesvc.go (route wiring at lines 263-270, handlers at 72-95 and 167-199) registered archive CRUD routes directly on the HTTP router with no auth middleware, and the Helm chart shipped no NetworkPolicy for storagesvc, so any pod with cluster network reachability could call the service ClusterIP. The upstream fix in PR #3368 wraps the routes with an HMAC verifier from pkg/auth/hmac using a ServiceStoragesvc-derived HKDF key shared between executor, fetcher, builder, and the CLI, rejecting unsigned requests with HTTP 401; PR #3365 adds defence-in-depth NetworkPolicies restricting ingress to those specific service pods.
RemediationAI
Vendor-released patch: upgrade Fission to v1.23.0 or later, which introduces HMAC-signed requests for storagesvc via PR #3368 (https://github.com/fission/fission/pull/3368) and a default NetworkPolicy via PR #3365 (https://github.com/fission/fission/pull/3365); see GHSA-chf8-4hv6-8pg6 (https://github.com/fission/fission/security/advisories/GHSA-chf8-4hv6-8pg6) for full details. Until upgrade, enable the Helm chart's per-service NetworkPolicy by setting networkPolicy.enabled=true and restrict storagesvc ingress to the executor, builder, and fetcher pods only - note this requires a CNI that enforces NetworkPolicy (e.g. Calico, Cilium) and may break custom tooling that reaches storagesvc directly. As an interim compensating control, avoid colocating untrusted workloads in the Fission cluster, since the only remaining boundary before patching is pod-to-pod network reachability.
More in Kubernetes
View allA critical vulnerability in Kubernetes ingress-nginx controller allows unauthenticated attackers with pod network access
Credential-harvesting malware compromised 84 versions of 42 TanStack npm packages on 2026-05-11 via chained GitHub Actio
Kubernetes ingress-nginx contains a configuration injection vulnerability via the mirror-target and mirror-host Ingress
A security issue was discovered in ingress-nginx https://github.com/kubernetes/ingress-nginx where the `auth-url` Ingres
A security issue was discovered in ingress-nginx https://github.com/kubernetes/ingress-nginx where the `auth-tls-match-c
Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the spec.exter
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Rated critical severity (CVSS 9.9), this vulne
The Kubernetes integration in GitLab Enterprise Edition 11.x before 11.2.8, 11.3.x before 11.3.9, and 11.4.x before 11.4
Kyverno Kubernetes policy engine prior to 1.x has a privilege escalation vulnerability (CVSS 9.9) allowing policy bypass
Kamaji is the Hosted Control Plane Manager for Kubernetes. Rated critical severity (CVSS 9.9), this vulnerability is rem
Jumpserver is a popular open source bastion host, and Koko is a Jumpserver component that is the Go version of coco, ref
String filter bypass in Inspektor Gadget Kubernetes eBPF tooling before fix. Insufficient string escaping enables filter
Same technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-36091
GHSA-chf8-4hv6-8pg6