Red Hat OpenShift API Server Server-Side Request Forgery Vulnerability Allowing Internal Network Enumeration and Potential Denial-of-Service
Vulnerability
A Server-Side Request Forgery (SSRF) vulnerability has been identified in the OpenShift API server's ImageStreamImport mechanism. This flaw arises from inadequate validation of user-supplied image references, allowing authenticated users to initiate outbound network requests from the API server. The vulnerability could be exploited to enumerate internal cluster services, probe private network infrastructure, access cloud metadata services in public cloud deployments, and potentially cause a denial-of-service by overwhelming services with connection attempts.
Impact
Exploitation of this vulnerability could lead to unauthorized access and enumeration of internal services, disruption of service availability through excessive connection attempts, and exposure of sensitive information from cloud metadata services in public cloud environments.
Reproduction
The vulnerability can be reproduced by sending an ImageStreamImport request with user-supplied image references that include IP addresses or network ranges. The OpenShift API server will process the request without validating the destination, allowing connections to internal services or metadata endpoints.
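As an added illustration of the destination validation the text says is missing (example code written here, not Red Hat's fix and not OpenShift's own code), the following Go check extracts the registry host from an image reference and rejects any literal or resolved address that falls in loopback, private or link-local space, which covers the cloud metadata endpoint. The `Resolver` type, the `IsBlockedImageRef` function and the address list are assumptions of this example.

```go
package main

import (
	"fmt"
	"net"
	"strings"
)

// Constructed deny-list: loopback, RFC 1918, link-local (which holds the
// 169.254.169.254 cloud metadata endpoint), unspecified and IPv6 equivalents.
var blockedCIDRs = []string{"127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12",
	"192.168.0.0/16", "169.254.0.0/16", "0.0.0.0/8", "::1/128", "fc00::/7", "fe80::/10"}

// Resolver abstracts DNS so the check runs offline (production: net.DefaultResolver.LookupIP).
type Resolver func(host string) []net.IP

// registryHost returns the registry host of an image reference, or "" for the default
// registry: the first path component is a registry only if it has "." or ":" or is "localhost".
func registryHost(ref string) string {
	parts := strings.SplitN(ref, "/", 2)
	if len(parts) < 2 || (!strings.ContainsAny(parts[0], ".:") && parts[0] != "localhost") {
		return ""
	}
	if host, _, err := net.SplitHostPort(parts[0]); err == nil {
		return host
	}
	return strings.Trim(parts[0], "[]") // no port; may be a bracketed IPv6 literal
}

// IsBlockedImageRef reports whether an ImageStreamImport reference points at a
// registry inside a blocked range, checking every address the host resolves to.
func IsBlockedImageRef(ref string, resolve Resolver) (bool, string) {
	host := registryHost(ref)
	if host == "" {
		return false, ""
	}
	ips := []net.IP{net.ParseIP(host)}
	if ips[0] == nil && resolve != nil {
		ips = resolve(host) // hostname, not a literal: vet every A/AAAA answer
	}
	for _, ip := range ips {
		for _, c := range blockedCIDRs {
			if _, n, _ := net.ParseCIDR(c); ip != nil && n.Contains(ip) {
				return true, fmt.Sprintf("%s -> %s is inside blocked range %s", host, ip, n)
			}
		}
	}
	return false, ""
}
```

Resolving before the check matters because a public hostname can be pointed at an internal address; a deployment should also pin the checked address for the actual connection so a second lookup cannot return something different.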
