External Secrets Operator
Monthly
Cross-namespace secret disclosure in External Secrets Operator (versions 0.20.2 through 1.1.x) lets a low-privileged tenant who can author ExternalSecret resources abuse the `getSecretKey` template function to fetch secrets from other namespaces using the controller's own roleBinding, bypassing the operator's namespace-isolation safeguards. The function - originally added for the senhasegura DSM provider - was removed entirely in 1.2.0. There is no public exploit identified at time of analysis and EPSS is negligible (0.01%), but the authorization-bypass primitive is straightforward for any tenant with ExternalSecret create rights.
External Secrets Operator is a Kubernetes operator that integrates external secret management systems. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.
Insecure permissions in external-secrets v0.9.16 allows attackers to access sensitive data and escalate privileges by obtaining the service account's token. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Cross-namespace secret disclosure in External Secrets Operator (versions 0.20.2 through 1.1.x) lets a low-privileged tenant who can author ExternalSecret resources abuse the `getSecretKey` template function to fetch secrets from other namespaces using the controller's own roleBinding, bypassing the operator's namespace-isolation safeguards. The function - originally added for the senhasegura DSM provider - was removed entirely in 1.2.0. There is no public exploit identified at time of analysis and EPSS is negligible (0.01%), but the authorization-bypass primitive is straightforward for any tenant with ExternalSecret create rights.
External Secrets Operator is a Kubernetes operator that integrates external secret management systems. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.
Insecure permissions in external-secrets v0.9.16 allows attackers to access sensitive data and escalate privileges by obtaining the service account's token. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.