SSRF in Kubernetes page.
HackerOne report #475556 by sql00 on 2019-01-07, assigned to asaba:
Overview:
SSRF exists when a user adds a Kubernetes API URL.
Steps To Reproduce:
- Create Project
- Open the newly created project and go to the "Operations -> Kubernetes" page.
- Click "Add Kubernetes cluster"
- Go to "Add existing cluster"
- In the "API URL" field, enter "http://localhost:22"
- Press "Add Kubernetes cluster"
- To see the output of this request go to "Monitoring -> Background Jobs -> Retries"
Output:
wrong status line: "SSH-2.0-OpenSSH_7.4p1 Debian-10+deb9u4"
Impact:
Access to the internal network, port scanning.
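The fix this report calls for is server-side validation of the user-supplied API URL before the background job ever connects to it. The following Ruby is an added example of such a check, not GitLab's own code: it is hand-written for this page, the method names (validate_cluster_api_url, safe_cluster_api_url?) and the allowed-port list (443, 6443) are assumptions, and the resolver is injectable so the sample runs offline. It rejects non-HTTPS schemes, embedded credentials, unexpected ports, "localhost", and any host whose IP literal or resolved addresses fall in loopback, RFC 1918, link-local (including the cloud metadata range) or IPv6 private space, which covers the "http://localhost:22" input used in the steps above.

```ruby
require "uri"
require "ipaddr"
require "resolv"

# Address ranges a cluster API URL must never point at (constructed list
# for this example; extend to fit the deployment's own network).
BLOCKED_RANGES = [
  IPAddr.new("127.0.0.0/8"),     # IPv4 loopback
  IPAddr.new("0.0.0.0/8"),       # "this" network, reaches the local host
  IPAddr.new("10.0.0.0/8"),      # RFC 1918 private
  IPAddr.new("172.16.0.0/12"),   # RFC 1918 private
  IPAddr.new("192.168.0.0/16"),  # RFC 1918 private
  IPAddr.new("169.254.0.0/16"),  # link-local, cloud metadata endpoints
  IPAddr.new("::1/128"),         # IPv6 loopback
  IPAddr.new("fc00::/7"),        # IPv6 unique local
  IPAddr.new("fe80::/10"),       # IPv6 link-local
].freeze

# Ports a Kubernetes API server is expected to listen on (assumption).
ALLOWED_PORTS = [443, 6443].freeze

class BlockedUrlError < StandardError; end

# Returns the IPAddr if +host+ is an IP literal, otherwise nil.
def ip_literal(host)
  IPAddr.new(host)
rescue IPAddr::InvalidAddressError
  nil
end

# Validates a user-supplied API URL. Raises BlockedUrlError on any
# policy violation, returns the parsed URI otherwise. +resolver+ maps a
# hostname to its address strings; the default uses system DNS.
def validate_cluster_api_url(raw, resolver: ->(host) { Resolv.getaddresses(host) })
  uri = URI.parse(raw.to_s)
  raise BlockedUrlError, "scheme must be https" unless uri.is_a?(URI::HTTPS)
  raise BlockedUrlError, "missing host" if uri.hostname.nil? || uri.hostname.empty?
  raise BlockedUrlError, "credentials in URL are not allowed" if uri.userinfo
  raise BlockedUrlError, "port #{uri.port} is not allowed" unless ALLOWED_PORTS.include?(uri.port)

  # hostname (not host) strips the brackets from IPv6 literals.
  host = uri.hostname.downcase
  if host == "localhost" || host.end_with?(".localhost")
    raise BlockedUrlError, "localhost is not allowed"
  end

  literal = ip_literal(host)
  addresses = literal ? [literal] : resolver.call(host).map { |a| IPAddr.new(a.to_s) }
  raise BlockedUrlError, "host does not resolve" if addresses.empty?

  addresses.each do |ip|
    # ::ffff:10.0.0.5 is really 10.0.0.5; compare it as IPv4.
    ip = ip.native if ip.ipv6? && ip.ipv4_mapped?
    if BLOCKED_RANGES.any? { |range| range.include?(ip) }
      raise BlockedUrlError, "#{host} points at blocked address #{ip}"
    end
  end
  uri
end

# Boolean convenience wrapper for form validation.
def safe_cluster_api_url?(raw, resolver: ->(host) { Resolv.getaddresses(host) })
  validate_cluster_api_url(raw, resolver: resolver)
  true
rescue BlockedUrlError, URI::InvalidURIError
  false
end

if __FILE__ == $PROGRAM_NAME
  stub = ->(_host) { ["203.0.113.10"] }   # constructed public address
  puts safe_cluster_api_url?("http://localhost:22")                          # false
  puts safe_cluster_api_url?("https://k8s.example.com:6443", resolver: stub) # true
end
```

Two caveats for anyone wiring this into a real form: validation and connection resolve DNS separately, so a name can be re-pointed at an internal address between the check and the request (DNS rebinding), which means the addresses accepted here should be pinned and reused for the actual connection; and the HTTP client used by the background job must also refuse to follow redirects, or an external host can bounce the request back inside.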