HIGH 7.6 CVE-2021-25742
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L
Affected projects
kubernetes
Disclosed
Last updated

Affected versions

Project          Vulnerable range
ingress-nginx    <= v0.49.0
ingress-nginx    v1.0.0

Patched versions

Project          Fixed in
ingress-nginx    v0.49.1
ingress-nginx    v1.0.1

Summary

A security issue in ingress-nginx allows a user with permission to create or update Ingress objects to use the custom snippets annotation feature to inject arbitrary nginx configuration directives. Through this injection, the attacker can cause the controller to serve the contents of its service account token or other sensitive files, obtaining all secrets in the cluster. Multitenant environments where non-admin users hold Ingress create or update permissions are most affected.

Impact

Any user who can create or update Ingress objects in a cluster running ingress-nginx v1.0.0 or any version up to and including v0.49.0 can exploit this vulnerability to read the ingress-nginx service account credentials and, consequently, all Kubernetes secrets in the cluster. This issue cannot be remediated by upgrading ingress-nginx alone — it requires both an upgrade and a configuration change to disable the custom snippets feature.

Detection

Audit Ingress objects across the cluster for use of custom snippet annotations and identify which users hold Ingress create or update access. If you find evidence that this vulnerability has been exploited, contact security@kubernetes.io.
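
One way to run the audit described above, as an added example that is not part of the original advisory or the ingress-nginx project. It assumes the controller uses the default `nginx.ingress.kubernetes.io/` annotation prefix and that the inputs are the JSON documents printed by `kubectl get ingress -A -o json` and `kubectl get roles,clusterroles -A -o json`; the function names and sample data are constructed for illustration.

```python
# Assumption: the controller runs with the default annotation prefix.
PREFIX = "nginx.ingress.kubernetes.io/"
INGRESS_GROUPS = {"networking.k8s.io", "extensions", "*"}
WRITE_VERBS = {"create", "update", "patch", "*"}  # patch can also set annotations

def find_snippet_annotations(ingress_list, prefix=PREFIX):
    """Snippet annotations in a `kubectl get ingress -A -o json` document."""
    findings = []
    for item in ingress_list.get("items", []):
        meta = item.get("metadata", {})
        for key, value in (meta.get("annotations") or {}).items():
            if key.startswith(prefix) and key.endswith("-snippet"):
                lines = [l.strip() for l in value.splitlines() if l.strip()]
                findings.append((meta.get("namespace", ""), meta.get("name", ""), key, lines))
    return sorted(findings)

def roles_with_ingress_write(role_list):
    """Roles/ClusterRoles whose rules allow creating or modifying Ingress objects."""
    hits = []
    for role in role_list.get("items", []):
        for rule in role.get("rules") or []:
            if (INGRESS_GROUPS & set(rule.get("apiGroups", []))
                    and {"ingresses", "*"} & set(rule.get("resources", []))
                    and WRITE_VERBS & set(rule.get("verbs", []))):
                meta = role.get("metadata", {})
                hits.append((role.get("kind", ""), meta.get("namespace", ""), meta.get("name", "")))
                break  # one matching rule is enough for this role
    return sorted(hits)

# Constructed sample data, not taken from a real cluster.
SAMPLE_INGRESSES = {"items": [
    {"metadata": {"namespace": "team-a", "name": "web", "annotations": {
        "nginx.ingress.kubernetes.io/configuration-snippet":
            'more_set_headers "X-Frame-Options: DENY";\n'}}},
    {"metadata": {"namespace": "team-b", "name": "api", "annotations": {
        "nginx.ingress.kubernetes.io/rewrite-target": "/"}}},
    {"metadata": {"namespace": "team-c", "name": "plain"}},
]}
SAMPLE_ROLES = {"items": [
    {"kind": "Role", "metadata": {"namespace": "team-a", "name": "ingress-editor"},
     "rules": [{"apiGroups": ["networking.k8s.io"], "resources": ["ingresses"],
                "verbs": ["get", "update"]}]},
    {"kind": "ClusterRole", "metadata": {"name": "viewer"},
     "rules": [{"apiGroups": ["*"], "resources": ["*"], "verbs": ["get", "list"]}]},
]}

if __name__ == "__main__":
    print(find_snippet_annotations(SAMPLE_INGRESSES))
    print(roles_with_ingress_write(SAMPLE_ROLES))
```

The roles it returns still have to be mapped to users, groups and service accounts through their RoleBindings and ClusterRoleBindings.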

Mitigation

This issue cannot be remediated by upgrading ingress-nginx alone. Two steps are required:

Step 1 — Upgrade to a version that supports the mitigation: v0.49.1 (for the 0.49 line) or v1.0.1 (for the 1.0 line).

Step 2 — Disable custom snippet annotations by setting allow-snippet-annotations to false in the ingress-nginx ConfigMap.

For deployments using static manifests, edit the ConfigMap after upgrading:

kubectl edit configmap -n ingress-nginx ingress-nginx-controller

Add the following under data:

data:
  allow-snippet-annotations: "false"

For Helm deployments, set the value during install or upgrade:

helm upgrade ingress-nginx ingress-nginx/ingress-nginx \
  --set controller.allowSnippetAnnotations=false

Clusters running ingress-nginx v1.0.0 or v0.49.0 and earlier have no available mitigation without upgrading.

References