Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2023-36815: Sealos billing system permission control defect

Sealos is a Cloud Operating System designed for managing cloud-native applications. In version 4.2.0 and prior, there is a permission flaw in the Sealos billing system, which allows users to control the recharge resource account sealos[.] io/v1/Payment, resulting in the ability to recharge any amount of 1 renminbi (RMB). The charging interface may expose resource information. The namespace of this custom resource would be user’s control and may have permission to correct it. It is not clear whether a fix exists.

CVE
Open in Source
#vulnerability#auth

Summary

There is a permission flaw in the Sealos billing system, which allows users to control the recharge resource account. sealos. io/v1/Payment, resulting in the ability to recharge any amount of 1 RMB.

Details

The reason is that sealos is in arrears. Egg pain, we can’t create a terminal anymore. Let’s charge for it:

Then it was discovered that the charging interface had returned all resource information. Unfortunately, based on previous vulnerability experience, the namespace of this custom resource is still under the current user’s control and may have permission to correct it.

PoC

disable by publish

Impact

  • sealos public cloud user
  • CWE-287 Improper Authentication

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE