F5 NGINX Ingress Controller
cpe:2.3:a:f5:nginx_ingress_controller:*:*:*:*:*:*:*
- >= 5.0.0, <= 5.5.1
- >= 4.0.0, <= 4.0.1
- >= 3.6.0, <= 3.7.2
An injection vulnerability has been identified in the NGINX Ingress Controller, specifically in versions 3.6.0 to 3.7.2, 4.0.0 to 4.0.1, and 5.0.0 to 5.5.1. When the controller is used with Custom Resource Definitions (CRDs) or Ingress annotations, multiple user-controllable fields can be written into the generated NGINX configuration without proper sanitization. This flaw allows an authenticated attacker with permission to create or modify these CRDs or annotations to inject arbitrary NGINX configuration directives. The vulnerability is a control plane issue, with no exposure in the data plane.
Exploitation of this vulnerability could enable an authenticated attacker with write access to NGINX Ingress Controller CRDs or Ingress annotations to inject arbitrary NGINX configuration directives, potentially leading to unauthorized file creation or deletion, or disruption of services.
To address this vulnerability, users should upgrade to NGINX Ingress Controller version 5.5.2. For versions 4.x and 3.x, no specific update is available, but users are advised to upgrade to a version with the fix. Additionally, it is recommended to restrict Kubernetes Role-based Access Control (RBAC) permissions on Ingress resources to trusted cluster administrators only, and to deploy an admission policy that rejects resources with special characters in user-controlled fields.
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.