Kong Ingress Controller for Kubernetes (KIC): Cross-namespace TLS Secret Exfiltration in Gateways with GatewayClass missing `konghq.com/gatewayclass-unmanaged: 'true'` annotation — GHSA-M23H-6MWM-39M8
GitHub · GitHub · GHSA-M23H-6MWM-39M8
ID
GHSA-M23H-6MWM-39M8
GHSA-M23H-6MWM-39M8
Date
Activity
Source
GitHub
GitHub
Vendor
GitHub
GitHub
Threat
medium
medium
CVSS
5.6
5.6
Summary
## Summary A vulnerability in the Kong Ingress Controller (KIC) allows for the unauthorized exfiltration of TLS certificates and private keys across Kubernetes namespace boundaries. In "managed" mode (where the `GatewayClass` lacks an unmanaged annotation), the Gateway TLS translator skips critical status checks. This bypass allows the translator to fetch Secrets from any namespace KIC watches, even when a…
Product
go: github.com/kong/kubernetes-ingress-controller/v3 | go: github.com/kong/kubernetes-ingress-controller/v2 | go: github.com/kong/kubernetes-ingress-controller
What to do
General, cautious steps (verify details in the official source):
- Review exposure and plan remediation based on risk and environment.
- Identify affected product versions in your inventory and verify whether you are impacted.
- Apply vendor patches/updates or recommended mitigations as soon as available.
- Read the official advisory for exact affected versions and remediation steps.