CVE-2024-7646 (HIGH, CVSS 8.8)
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected projects
kubernetes
Disclosed
Last updated

Affected versions

Project         Vulnerable range
ingress-nginx   < v1.11.2 (1.11 branch)
ingress-nginx   < v1.10.4 (1.10 branch)

Patched versions

Project         Fixed in
ingress-nginx   v1.11.2
ingress-nginx   v1.10.4

Summary

A security issue was discovered in ingress-nginx where an actor with permission to create Ingress objects (in the networking.k8s.io or extensions API group) can bypass annotation validation to inject arbitrary commands and obtain the credentials of the ingress-nginx controller. In the default configuration, that credential has access to all secrets in the cluster. Multi-tenant environments where non-admin users have permissions to create Ingress objects are most affected.

Impact

An authenticated user with Ingress creation privileges can exploit the annotation validation bypass to inject commands into the ingress-nginx controller process. The attacker can then obtain the controller's service account token, which in the default configuration grants read access to all Kubernetes secrets cluster-wide. This results in high impact to confidentiality, integrity, and availability. Clusters without ingress-nginx installed are not affected.

Detection

Verify whether ingress-nginx is installed in your cluster:

kubectl get po -A | grep ingress-nginx-controller

Review Kubernetes audit logs for create, update and patch requests on Ingress objects whose annotations (in particular nginx.ingress.kubernetes.io/auth-tls-verify-client) contain carriage return characters (\r). Such values have no legitimate use and are a strong indicator of exploitation attempts. Annotation values are only recorded when the audit policy logs ingresses at the Request or RequestResponse level; Metadata-level events record who changed which object but not the annotation contents, so they cannot be checked this way.
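The audit-log review described above, as an added example that is not part of the original advisory or of the ingress-nginx project: a Python scanner over JSON-lines audit events (audit.k8s.io/v1 shape) that flags mutating Ingress requests in either API group whose annotation values contain a carriage return, handles JSON-patch requests where the annotation key is encoded in the op path, and separately reports events logged at Metadata level that carry no request body and so cannot be inspected. The sample log lines, usernames and namespaces are constructed for the example.

```python
import json

# Ingress objects live in these API groups (the advisory names both).
INGRESS_API_GROUPS = {"networking.k8s.io", "extensions"}
# Verbs that can introduce or change annotations.
MUTATING_VERBS = {"create", "update", "patch"}
ANNOTATIONS_PATH = "/metadata/annotations"


def annotation_values(request_object):
    """Yield (key, value) pairs for string annotations in an audit requestObject.

    A dict is a full object or a merge/strategic-merge patch (annotations under
    metadata.annotations); a list is a JSON patch, whose ops carry the key in
    the path with '/' escaped as '~1' and '~' as '~0' (RFC 6901).
    """
    if isinstance(request_object, dict):
        annotations = (request_object.get("metadata") or {}).get("annotations") or {}
        for key, value in annotations.items():
            if isinstance(value, str):
                yield key, value
    elif isinstance(request_object, list):
        for op in request_object:
            if not isinstance(op, dict) or op.get("op") not in ("add", "replace"):
                continue
            path, value = op.get("path", ""), op.get("value")
            if path == ANNOTATIONS_PATH and isinstance(value, dict):
                for key, inner in value.items():
                    if isinstance(inner, str):
                        yield key, inner
            elif path.startswith(ANNOTATIONS_PATH + "/") and isinstance(value, str):
                key = path[len(ANNOTATIONS_PATH) + 1:].replace("~1", "/").replace("~0", "~")
                yield key, value


def scan_audit_lines(lines):
    """Scan JSON-lines audit events; return (findings, unchecked).

    findings:  mutating Ingress requests with a '\\r' in an annotation value.
    unchecked: mutating Ingress requests logged without a requestObject
               (audit level Metadata), which this check cannot inspect.
    """
    findings, unchecked, seen = [], [], set()
    for raw in lines:
        raw = raw.strip()
        if not raw:
            continue
        try:
            event = json.loads(raw)
        except json.JSONDecodeError:
            continue  # skip a truncated or non-JSON line, keep scanning
        ref = event.get("objectRef") or {}
        if ref.get("resource") != "ingresses" or ref.get("apiGroup") not in INGRESS_API_GROUPS:
            continue
        if event.get("verb") not in MUTATING_VERBS:
            continue
        # One request may be logged at several stages (RequestReceived,
        # ResponseComplete) under the same auditID; report it once.
        audit_id = event.get("auditID")
        if audit_id and audit_id in seen:
            continue
        seen.add(audit_id)
        summary = {
            "auditID": audit_id,
            "user": (event.get("user") or {}).get("username"),
            "verb": event.get("verb"),
            "namespace": ref.get("namespace"),
            "name": ref.get("name"),
        }
        if "requestObject" not in event:
            unchecked.append(summary)
            continue
        for key, value in annotation_values(event["requestObject"]):
            if "\r" in value:
                findings.append({**summary, "annotation": key, "value": value})
    return findings, unchecked


def _event(audit_id, verb, user, namespace, name, request_object=None, level="RequestResponse"):
    """Build one constructed audit event in the audit.k8s.io/v1 shape (sample data only)."""
    event = {
        "kind": "Event", "apiVersion": "audit.k8s.io/v1", "level": level,
        "auditID": audit_id, "stage": "ResponseComplete", "verb": verb,
        "user": {"username": user},
        "objectRef": {"resource": "ingresses", "apiGroup": "networking.k8s.io",
                      "apiVersion": "v1", "namespace": namespace, "name": name},
    }
    if request_object is not None:
        event["requestObject"] = request_object
    return json.dumps(event)


# Constructed sample log (not real cluster data): a benign create, a create with
# a CR-laden annotation, a Metadata-level update, and a JSON patch.
SAMPLE_AUDIT_LOG = [
    _event("a1", "create", "tenant-a-dev", "tenant-a", "shop", {
        "metadata": {"annotations": {"nginx.ingress.kubernetes.io/auth-tls-verify-client": "on"}}}),
    _event("a2", "create", "tenant-b-dev", "tenant-b", "api", {
        "metadata": {"annotations": {"nginx.ingress.kubernetes.io/auth-tls-verify-client": "on\r injected"}}}),
    _event("a3", "update", "tenant-c-dev", "tenant-c", "web", level="Metadata"),
    _event("a4", "patch", "tenant-b-dev", "tenant-b", "api", [
        {"op": "add", "path": "/metadata/annotations/nginx.ingress.kubernetes.io~1auth-tls-verify-client",
         "value": "optional\r injected"}]),
]

if __name__ == "__main__":
    found, skipped = scan_audit_lines(SAMPLE_AUDIT_LOG)
    for f in found:
        print("SUSPICIOUS", f["user"], f["verb"], f"{f['namespace']}/{f['name']}", f["annotation"])
    for u in skipped:
        print("UNCHECKED (no requestObject)", u["user"], u["verb"], f"{u['namespace']}/{u['name']}")
```

Point it at a real file with `scan_audit_lines(open("audit.log"))`. Anything in the unchecked list needs a second look by other means (for example `kubectl get ingress -o yaml` on the named object), since the audit policy did not capture the annotation contents for it.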

If evidence of exploitation is found, contact security@kubernetes.io.

Mitigation

Upgrade ingress-nginx to a fixed version:

  • v1.11.2 or later (1.11 branch)
  • v1.10.4 or later (1.10 branch)

Where an immediate upgrade is not possible, use RBAC to restrict the create, update and patch verbs on ingresses (in both the networking.k8s.io and extensions API groups) to trusted administrators. This limits who can reach the vulnerable code path in multi-tenant environments but does not remove the vulnerability; upgrading remains the fix.
