Cockroach Labs cockroach-k8s-request-cert Empty Root Password Authentication Bypass Vulnerability. This vulnerability could allow remote attackers to bypass authentication on systems that use the affected version of the Cockroach Labs cockroach-k8s-request-cert container image. The specific flaw exists within the configuration of the system shadow file. The issue results from a blank password setting for the root user. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-22195.
In the shadow file configuration of the operating system, the root account has been assigned an empty password (blank password). This means that the authentication mechanism does not require the user to provide any credentials when logging into the root account. A remote attacker can exploit this vulnerability to gain system access without needing to know the password.
An attacker can completely bypass authentication and gain unauthorized access to the system with root account privileges, resulting in full takeover of the container environment — including data confidentiality, integrity, and availability.
Apply patches available from the vendor according to the references. As a temporary workaround, it is recommended to immediately set a strong password for the root account in the shadow file or replace the vulnerable container image with an updated version.
Cockroach Labs cockroach-k8s-request-cert container image — versions indicated in the vendor references and in the ZDI-25-855 advisory.
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HCockroachlabs Cockroach K8s Request Cert
APPCockroachlabswszystkie wersje