Vulnerabilities > CVE-2022-4886 - Unspecified vulnerability in Kubernetes Ingress-Nginx

047910
CVSS 6.5 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
NONE
network
low complexity
kubernetes
NVD
Published: 2023-10-25
Updated: 2024-03-07

Summary

Ingress-nginx `path` sanitization can be bypassed with `log_format` directive.

Vulnerable Configurations

Part Description Count
Application
Kubernetes
93

Related news

References