GHSA-vpxf-q44g-w34w

Source
https://github.com/advisories/GHSA-vpxf-q44g-w34w
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/06/GHSA-vpxf-q44g-w34w/GHSA-vpxf-q44g-w34w.json
JSON Data
https://api.test.osv.dev/v1/vulns/GHSA-vpxf-q44g-w34w
Aliases
  • CVE-2023-36815
Published
2023-06-30T20:36:55Z
Modified
2023-11-01T05:02:28.520783Z
Severity
  • 7.3 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
Summary
Sealos billing system permission control defect
Details

Summary

There is a permission flaw in the Sealos billing system that allows a user to control the recharge resource account (sealos.io/v1/Payment), resulting in the ability to recharge any amount for 1 RMB.

Details

The reason was that the sealos account was in arrears; annoyingly, we could no longer create a terminal, so we went to top up the account:

We then noticed that the recharge interface returned the full resource information. Unfortunately, based on experience from previous vulnerabilities, the namespace of this custom resource is still under the current user's control, so the user may have permission to modify it.

PoC

Withheld at publication.

Impact

  • Sealos public cloud users
  • CWE-287 Improper Authentication
Database specific
{
    "nvd_published_at": "2023-07-03T18:15:09Z",
    "cwe_ids": [
        "CWE-287",
        "CWE-862"
    ],
    "severity": "HIGH",
    "github_reviewed": true,
    "github_reviewed_at": "2023-06-30T20:36:55Z"
}
References

Affected packages

Go / github.com/labring/sealos

Package

Name
github.com/labring/sealos
Purl
pkg:golang/github.com/labring/sealos

Affected ranges

Type
SEMVER
Events
Introduced
0 (unknown introduced version; all previous versions are affected)
Last affected
4.2.0