New Vulnerability in Kubernetes CVE-2022-3172
On September 16th, CVE-2022-3172, a medium severity vulnerability (with CVSS score of 5.1) in the Kubernetes API server, was published. The vulnerability is an open redirect vulnerability that allows an aggregated API server to redirect client requests, which could lead to credentials theft and information leakage.
The vulnerability could be exploited by a compromised aggregated API server that will return a redirect response to the client, causing the client to ...