Vulnerabilities > CVE-2021-25742

047910
CVSS 7.1 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
HIGH
Integrity impact
LOW
Availability impact
NONE
network
low complexity
kubernetes
netapp
NVD
Published: 2021-10-29
Updated: 2021-12-15

Summary

A security issue was discovered in ingress-nginx where a user that can create or update ingress objects can use the custom snippets feature to obtain all secrets in the cluster.

Vulnerable Configurations

Part Description Count
Application
Kubernetes
81
Application
Netapp
1

References