4.4

CVSS Score

3.1

-

CVSS Score

Basic Information

CVE ID

CVE-2022-2835

GHSA ID

GHSA-ch7v-37xg-75ph

EPSS Score

0.06545%

CWE

CWE-923

Published

3/3/2023

Updated

3/14/2023

KEV Status

Technology

Basic Information

CVE ID

GHSA ID

EPSS Score

CWE

Published

Updated

KEV Status

Technology

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2022-2835

CVE-2022-2835: coreDNS vulnerable to Improper Restriction of Communication Channel to Intended Endpoints

A flaw was found in coreDNS. This flaw allows a malicious user to reroute internal calls to some internal services that were accessed by the FQDN in a format of <service>.<namespace>.svc.

(GitHub Advisory)

Miggo Vulnerability Database

→

CVE-2022-2835

CVE-2022-2835:

4.4

CVSS Score

3.1

-

CVSS Score

Basic Information

CVE ID

CVE-2022-2835

GHSA ID

GHSA-ch7v-37xg-75ph

EPSS Score

0.06545%

CWE

CWE-923

Published

3/3/2023

Updated

3/14/2023

KEV Status

Technology

Basic Information

CVE ID

GHSA ID

EPSS Score

CWE

Published

Updated

KEV Status

Technology

Technical Details

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
github.com/coredns/coredns	go	<= 1.9.3

Technical Details

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability involves improper DNS resolution for Kubernetes service FQDNs. CoreDNS's Kubernetes plugin (plugin/kubernetes) is responsible for handling these queries. The ServeDNS() function processes DNS requests and generates responses. The lack of proper validation() in this function could allow external or maliciously crafted DNS entries to hijack the abbreviated 'svc' domain resolution, bypassing cluster-local restrictions. This aligns with the CWE-923 description and the vulnerability's impact on internal service communication.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.

Reasoning

*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.

4.4

-

Basic Information

Basic Information

Concerned about an active attack path?

CVE-2022-2835: coreDNS vulnerable to Improper Restriction of Communication Channel to Intended Endpoints

CVE-2022-2835:

4.4

-

Basic Information

Basic Information

Technical Details

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability IntelligenceMiggo AI

CVE-2022-2835: coreDNS vulnerable to Improper Restriction of Communication Channel to Intended Endpoints

Basic Information

Basic Information

4.4

4.4

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI