Security News > 2020 > October > Containerd Bug Exposes Cloud Account Credentials

A security vulnerability can be exploited to coerce the containerd cloud platform into exposing the host's registry or users' cloud-account credentials.

Containerd bills itself as a runtime tool that "Manages the complete container lifecycle of its host system, from image transfer and storage to container execution and supervision to low-level storage to network attachments and beyond." As such, it offers deep visibility into a user's cloud environment, across multiple vendors.

"If an attacker publishes a public image with a manifest that directs one of the layers to be fetched from a web server they control, and they trick a user or system into pulling the image, they can obtain the credentials used for pulling that image," according to the bug advisory.

"In some cases, this may be the user's username and password for the registry. In other cases, this may be the credentials attached to the cloud virtual instance which can grant access to other cloud resources in the account."

Containerd patched the bug, which is listed as medium in severity, in version 1.2.4; containerd 1.3.x is not vulnerable.

News URL

https://threatpost.com/containerd-bug-cloud-account-credentials/160546/