Improper Access Control Affecting package, versions *

  • Attack Complexity


  • Confidentiality


  • Integrity


  • Availability


Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications
  • snyk-id


  • published

    10 Dec 2020

  • disclosed

    10 Dec 2020

  • credit


How to fix?

Upgrade to version or higher.

Overview is an OpenShift component which enables external access to cluster services by configuring Ingress Controllers, which route traffic as specified by OpenShift Route and Kubernetes Ingress resources.

Affected versions of this package are vulnerable to Improper Access Control. Until the 4.6.6 version of OpenShift Container Platform changes to the router-default service to allow only certain IP source ranges was possible by directly editing the service object. Since 4.6.6 changes to the loadBalancerSourceRanges field are overwritten to the default of all IP ranges. If a cluster is affected by this issue an attacker can use the flaw to access resources which should be restricted to the specified IP ranges.