CVE-2022-3162
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2022-3162
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-3162.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2022-3162
- Aliases
- Downstream
- Related
- Published
- 2023-03-01T19:15:25Z
- Modified
- 2025-09-19T13:57:48.313096Z
- Severity
-
- 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
- Summary
- [none]
- Details
-
Users authorized to list or watch one type of namespaced custom resource cluster-wide can read custom resources of a different type in the same API group without authorization. Clusters are impacted by this vulnerability if all of the following are true: 1. There are 2+ CustomResourceDefinitions sharing the same API group 2. Users have cluster-wide list or watch authorization on one of those custom resources. 3. The same users are not authorized to read another custom resource in the same API group.
- References
Affected packages
Git / github.com/kubernetes/kubelet
Affected ranges
- Type
- GIT
- Repo
- https://github.com/kubernetes/kubelet
- Events
-
Last affectedIntroducedLast affectedIntroducedLast affectedIntroducedLast affected
- Type
- GIT
- Repo
- https://github.com/kubernetes/kubernetes
- Events
-
Last affectedIntroducedLast affectedIntroducedLast affectedIntroducedLast affected
Affected versions
v1.*
v1.23.0
v1.23.1
v1.23.1-rc.0
v1.23.10
v1.23.10-rc.0
v1.23.11
v1.23.11-rc.0
v1.23.12
v1.23.12-rc.0
v1.23.13
v1.23.13-rc.0
v1.23.2
v1.23.2-rc.0
v1.23.3
v1.23.3-rc.0
v1.23.4
v1.23.4-rc.0
v1.23.5
v1.23.5-rc.0
v1.23.6
v1.23.6-rc.0
v1.23.7
v1.23.7-rc.0
v1.23.8
v1.23.8-rc.0
v1.23.9
v1.23.9-rc.0
v1.24.0
v1.24.1
v1.24.1-rc.0
v1.24.2
v1.24.2-rc.0
v1.24.3
v1.24.3-rc.0
v1.24.4
v1.24.4-rc.0
v1.24.5
v1.24.5-rc.0
v1.24.6
v1.24.6-rc.0
v1.24.7
v1.24.7-rc.0
v1.25.0
v1.25.1
v1.25.1-rc.0
v1.25.2
v1.25.2-rc.0
v1.25.3
v1.25.3-rc.0