Multiple CVEs Found in Ingress-NGINX—Patch Now to Prevent Cluster Compromise

Summary: A set of vulnerabilities in Ingress-NGINX Controller for Kubernetes poses significant security risks, including unauthorized remote code execution and potential full cluster takeover for versions prior to 1.12.1 and 1.11.5. The Australian Cyber Security Centre has outlined specific vulnerabilities that could allow attackers to manipulate configurations and access sensitive credentials. It is crucial for organizations using affected versions to patch their systems immediately.

Affected: Ingress-NGINX Controller for Kubernetes

Key points:

  • Multiple vulnerabilities identified, including issues with ingress annotations leading to arbitrary code execution.
  • CVE-2025-1097 allows unauthorized configurations to be injected, compromising security.
  • Upgrade immediately to version 1.12.1 or 1.11.5 to patch these vulnerabilities.
  • Unauthorized access can expose sensitive cluster-wide Secrets, risking complete cluster takeover.
  • Best practices include disabling public access to the admission webhook and enabling annotation validation.
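As an added inventory check (example script written for this summary, not code from the advisory or from the ingress-nginx project), the following POSIX shell script classifies controller image references against the fixed releases the advisory names, 1.12.1 and 1.11.5. The image references in it are constructed samples; treating 1.13 and later minor lines as carrying the fix is an assumption, and pre-release tags are reported as unknown rather than guessed at.

```shell
#!/bin/sh
# Added example, not code from the advisory or the ingress-nginx project.
# Classifies an ingress-nginx controller image reference against the fixed
# releases the advisory names (1.12.1 and 1.11.5).
# Exit status of ingress_nginx_status: 0 = patched, 1 = vulnerable, 2 = unknown.

# Print "MAJOR MINOR PATCH" for an image reference such as
# registry.k8s.io/ingress-nginx/controller:v1.11.3@sha256:... and fail if the
# reference carries no plain numeric tag (e.g. "latest" or a -beta tag).
controller_version() {
  ref=${1%%@*}                                  # drop any @sha256:... digest
  case "$ref" in *:*) ;; *) return 1 ;; esac    # no tag at all
  tag=${ref##*:}                                # text after the last ':'
  tag=${tag#v}                                  # tolerate the usual "v" prefix
  case "$tag" in *.*.*) ;; *) return 1 ;; esac
  major=${tag%%.*}
  rest=${tag#*.}
  minor=${rest%%.*}
  patch=${rest#*.}
  for n in "$major" "$minor" "$patch"; do       # every component must be digits only
    case "$n" in ''|*[!0-9]*) return 1 ;; esac
  done
  printf '%s %s %s\n' "$major" "$minor" "$patch"
}

# Decide whether the version is at or past the fixed release of its minor line.
# Assumption: 1.13 and later lines ship the fix; 1.10 and older are unpatched.
ingress_nginx_status() {
  ver=$(controller_version "$1") || { echo unknown; return 2; }
  set -- $ver
  major=$1; minor=$2; patch=$3
  patched=no
  if [ "$major" -gt 1 ]; then
    patched=yes
  elif [ "$major" -eq 1 ]; then
    if [ "$minor" -ge 13 ]; then patched=yes
    elif [ "$minor" -eq 12 ] && [ "$patch" -ge 1 ]; then patched=yes
    elif [ "$minor" -eq 11 ] && [ "$patch" -ge 5 ]; then patched=yes
    fi
  fi
  if [ "$patched" = yes ]; then echo patched; return 0; fi
  echo vulnerable
  return 1
}

# Constructed sample image references (not taken from any real cluster).
SAMPLE_IMAGES='registry.k8s.io/ingress-nginx/controller:v1.11.3@sha256:0000000000000000000000000000000000000000000000000000000000000000
registry.k8s.io/ingress-nginx/controller:v1.12.1
registry.k8s.io/ingress-nginx/controller:v1.10.6
registry.k8s.io/ingress-nginx/controller:latest'

# Print one "status image" line per sample reference.
report() {
  printf '%s\n' "$SAMPLE_IMAGES" | while IFS= read -r img; do
    status=$(ingress_nginx_status "$img") || true
    printf '%-11s %s\n' "$status" "$img"
  done
}

report
```

To run this against a live cluster instead of the samples, replace `SAMPLE_IMAGES` with the output of `kubectl get pods -A -o jsonpath='{range .items[*]}{range .spec.containers[*]}{.image}{"\n"}{end}{end}'` filtered to the ingress-nginx controller image. An "unknown" result (a `latest` or pre-release tag) deserves a manual look rather than being treated as safe.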

Source: https://thecyberexpress.com/ingress-nginx-controller-flaws/