CWE-306
AllowedMissing Authentication for Critical Function
Abstraction: Base · Status: Draft
The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.
3465 vulnerabilities reference this CWE, most recent first.
GHSA-3CPP-X8VC-586M
Vulnerability from github – Published: 2026-06-17 18:35 – Updated: 2026-06-17 18:35Vulnerability in the Oracle WebCenter Portal product of Oracle Fusion Middleware (component: Security Framework). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebCenter Portal. While the vulnerability is in Oracle WebCenter Portal, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle WebCenter Portal. CVSS 3.1 Base Score 10.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H).
{
"affected": [],
"aliases": [
"CVE-2026-46846"
],
"database_specific": {
"cwe_ids": [
"CWE-306"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-06-17T10:54:02Z",
"severity": "CRITICAL"
},
"details": "Vulnerability in the Oracle WebCenter Portal product of Oracle Fusion Middleware (component: Security Framework). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebCenter Portal. While the vulnerability is in Oracle WebCenter Portal, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle WebCenter Portal. CVSS 3.1 Base Score 10.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H).",
"id": "GHSA-3cpp-x8vc-586m",
"modified": "2026-06-17T18:35:31Z",
"published": "2026-06-17T18:35:31Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-46846"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cspujun2026.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-3F3R-G48R-83HH
Vulnerability from github – Published: 2022-05-24 22:28 – Updated: 2022-10-22 12:00A flaw was found in Red Hat 3scale’s API docs URL, where it is accessible without credentials. This flaw allows an attacker to view sensitive information or modify service APIs. Versions before 3scale-2.10.0-ER1 are affected.
{
"affected": [],
"aliases": [
"CVE-2020-25634"
],
"database_specific": {
"cwe_ids": [
"CWE-284",
"CWE-306"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-05-26T21:15:00Z",
"severity": "MODERATE"
},
"details": "A flaw was found in Red Hat 3scale\u2019s API docs URL, where it is accessible without credentials. This flaw allows an attacker to view sensitive information or modify service APIs. Versions before 3scale-2.10.0-ER1 are affected.",
"id": "GHSA-3f3r-g48r-83hh",
"modified": "2022-10-22T12:00:31Z",
"published": "2022-05-24T22:28:07Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25634"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1880201"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-3FJC-956C-32MF
Vulnerability from github – Published: 2023-11-28 21:30 – Updated: 2023-11-28 21:30The FACSChorus workstation does not prevent physical access to its PCI express (PCIe) slots, which could allow a threat actor to insert a PCI card designed for memory capture. A threat actor can then isolate sensitive information such as a BitLocker encryption key from a dump of the workstation RAM during startup.
{
"affected": [],
"aliases": [
"CVE-2023-29063"
],
"database_specific": {
"cwe_ids": [
"CWE-1299",
"CWE-306"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-11-28T21:15:07Z",
"severity": "LOW"
},
"details": "The FACSChorus workstation does not prevent physical access to its PCI express (PCIe) slots, which could allow a threat actor to insert a PCI card designed for memory capture. A threat actor can then isolate sensitive information such as a BitLocker encryption key from a dump of the workstation RAM during startup.",
"id": "GHSA-3fjc-956c-32mf",
"modified": "2023-11-28T21:30:25Z",
"published": "2023-11-28T21:30:25Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29063"
},
{
"type": "WEB",
"url": "https://www.bd.com/en-us/about-bd/cybersecurity/bulletin/bd-facschorus-software"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-3G85-XPC2-P2HQ
Vulnerability from github – Published: 2026-02-16 12:30 – Updated: 2026-02-16 12:30The WhatsApp bridge component in Nanobot binds the WebSocket server to all network interfaces (0.0.0.0) on port 3001 by default and does not require authentication for incoming connections. An unauthenticated remote attacker with network access to the bridge can connect to the WebSocket server to hijack the WhatsApp session. This allows the attacker to send messages on behalf of the user, intercept all incoming messages and media in real-time, and capture authentication QR codes.
{
"affected": [],
"aliases": [
"CVE-2026-2577"
],
"database_specific": {
"cwe_ids": [
"CWE-306"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-02-16T10:16:08Z",
"severity": "CRITICAL"
},
"details": "The WhatsApp bridge component in Nanobot binds the WebSocket server to all network interfaces (0.0.0.0) on port 3001 by default and does not require authentication for incoming connections. An unauthenticated remote attacker with network access to the bridge can connect to the WebSocket server to hijack the WhatsApp session. This allows the attacker to send messages on behalf of the user, intercept all incoming messages and media in real-time, and capture authentication QR codes.",
"id": "GHSA-3g85-xpc2-p2hq",
"modified": "2026-02-16T12:30:25Z",
"published": "2026-02-16T12:30:25Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2577"
},
{
"type": "WEB",
"url": "https://github.com/HKUDS/nanobot/releases/tag/v0.1.3.post7"
},
{
"type": "WEB",
"url": "https://www.tenable.com/security/research/tra-2026-09"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-3G9H-9HP4-654V
Vulnerability from github – Published: 2026-03-18 20:11 – Updated: 2026-03-25 18:12Summary
The SiYuan kernel WebSocket server accepts unauthenticated connections when a specific “auth keepalive” query parameter is present. After connection, incoming messages are parsed using unchecked type assertions on attacker-controlled JSON.
A remote attacker can send malformed messages that trigger a runtime panic, potentially crashing the kernel process and causing denial of service.
Details
1. Authentication Bypass via Keepalive Query
Unauthenticated connections are accepted if the request URI matches a specific pattern intended for an authentication page keepalive.
File: kernel/server/serve.go
if !authOk {
authOk = strings.Contains(s.Request.RequestURI, "/ws?app=siyuan") &&
strings.Contains(s.Request.RequestURI, "&id=auth&type=auth")
}
2. Unsafe Type Assertions on Untrusted Input
Incoming JSON messages are parsed into a generic map and fields are accessed without validation.
File: kernel/server/serve.go
cmdStr := request["cmd"].(string)
cmdId := request["reqId"].(float64)
param := request["param"].(map[string]interface{})
Malformed or missing fields trigger a runtime panic. The handler does not implement local panic recovery, allowing crashes to propagate.
PoC
Step 1 — Prepare workspace directory
mkdir -p ./workspace
Step 2 — Run SiYuan container
docker run -d \
-p 6806:6806 \
-e SIYUAN_ACCESS_AUTH_CODE_BYPASS=true \
-v $(pwd)/workspace:/siyuan/workspace \
b3log/siyuan \
--workspace=/siyuan/workspace
Service becomes reachable at http://127.0.0.1:6806
Step 3 — Confirm service availability
Open in browser:
http://127.0.0.1:6806
Step 4 — Connect to unauthenticated WebSocket endpoint
ws://127.0.0.1:6806/ws?app=siyuan&id=auth&type=auth
This connection is accepted without credentials.
Step 5 — Send malformed payload
Payload:
{}
Step 6 — Observe behavior
Monitor container logs:
docker logs -f <container_id>
Impact
An unauthenticated attacker with network access can repeatedly crash the kernel, causing persistent denial of service.
Impact is highest when the service is exposed beyond localhost (e.g., Docker deployments, reverse proxies, LAN access, or public hosting).
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 3.6.1"
},
"package": {
"ecosystem": "Go",
"name": "github.com/siyuan-note/siyuan/kernel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.6.2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-33203"
],
"database_specific": {
"cwe_ids": [
"CWE-248",
"CWE-306"
],
"github_reviewed": true,
"github_reviewed_at": "2026-03-18T20:11:00Z",
"nvd_published_at": "2026-03-20T23:16:45Z",
"severity": "HIGH"
},
"details": "## Summary\nThe SiYuan kernel WebSocket server accepts unauthenticated connections when a specific \u201cauth keepalive\u201d query parameter is present. After connection, incoming messages are parsed using unchecked type assertions on attacker-controlled JSON.\n\nA remote attacker can send malformed messages that trigger a runtime panic, potentially crashing the kernel process and causing denial of service.\n\n## Details\n**1. Authentication Bypass via Keepalive Query**\n\nUnauthenticated connections are accepted if the request URI matches a specific pattern intended for an authentication page keepalive.\n\n**File: kernel/server/serve.go**\n\n```\nif !authOk {\n authOk = strings.Contains(s.Request.RequestURI, \"/ws?app=siyuan\") \u0026\u0026\n strings.Contains(s.Request.RequestURI, \"\u0026id=auth\u0026type=auth\")\n}\n\n```\n\n**2. Unsafe Type Assertions on Untrusted Input**\n\nIncoming JSON messages are parsed into a generic map and fields are accessed without validation.\n\n**File: kernel/server/serve.go**\n\n```\ncmdStr := request[\"cmd\"].(string)\ncmdId := request[\"reqId\"].(float64)\nparam := request[\"param\"].(map[string]interface{})\n\n```\nMalformed or missing fields trigger a runtime panic.\nThe handler does not implement local panic recovery, allowing crashes to propagate.\n\n## PoC\n**Step 1 \u2014 Prepare workspace directory**\n\n```sh\nmkdir -p ./workspace\n```\n\n**Step 2 \u2014 Run SiYuan container**\n\n```\ndocker run -d \\\n -p 6806:6806 \\\n -e SIYUAN_ACCESS_AUTH_CODE_BYPASS=true \\\n -v $(pwd)/workspace:/siyuan/workspace \\\n b3log/siyuan \\\n --workspace=/siyuan/workspace\n```\n\nService becomes reachable at http://127.0.0.1:6806\n\n**Step 3 \u2014 Confirm service availability**\n\nOpen in browser:\n\n```sh\nhttp://127.0.0.1:6806\n```\n\n**Step 4 \u2014 Connect to unauthenticated WebSocket endpoint**\n\n```sh\nws://127.0.0.1:6806/ws?app=siyuan\u0026id=auth\u0026type=auth\n```\n\nThis connection is accepted without credentials.\n\n**Step 5 \u2014 Send malformed payload**\n\nPayload:\n\n```sh\n\n{}\n\n```\n\n**Step 6 \u2014 Observe behavior**\n\nMonitor container logs:\n\n```sh\n\ndocker logs -f \u003ccontainer_id\u003e\n\n```\n## Impact\nAn unauthenticated attacker with network access can repeatedly crash the kernel, causing persistent denial of service.\n\nImpact is highest when the service is exposed beyond localhost (e.g., Docker deployments, reverse proxies, LAN access, or public hosting).",
"id": "GHSA-3g9h-9hp4-654v",
"modified": "2026-03-25T18:12:26Z",
"published": "2026-03-18T20:11:00Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/siyuan-note/siyuan/security/advisories/GHSA-3g9h-9hp4-654v"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33203"
},
{
"type": "PACKAGE",
"url": "https://github.com/siyuan-note/siyuan"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
],
"summary": "SiYuan has an Unauthenticated WebSocket DoS via Auth Keepalive Bypass"
}
GHSA-3GWM-7V5Q-JM39
Vulnerability from github – Published: 2025-06-27 12:31 – Updated: 2025-06-27 12:31A vulnerability classified as critical was found in Comet System T0510, T3510, T3511, T4511, T6640, T7511, T7611, P8510, P8552 and H3531 1.60. This vulnerability affects unknown code of the file /setupA.cfg of the component Web-based Management Interface. The manipulation leads to missing authentication. Access to the local network is required for this attack. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
{
"affected": [],
"aliases": [
"CVE-2025-6763"
],
"database_specific": {
"cwe_ids": [
"CWE-287",
"CWE-306"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-06-27T12:15:45Z",
"severity": "HIGH"
},
"details": "A vulnerability classified as critical was found in Comet System T0510, T3510, T3511, T4511, T6640, T7511, T7611, P8510, P8552 and H3531 1.60. This vulnerability affects unknown code of the file /setupA.cfg of the component Web-based Management Interface. The manipulation leads to missing authentication. Access to the local network is required for this attack. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.",
"id": "GHSA-3gwm-7v5q-jm39",
"modified": "2025-06-27T12:31:18Z",
"published": "2025-06-27T12:31:18Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6763"
},
{
"type": "WEB",
"url": "https://github.com/zeke2997/CVE_request_comet_system"
},
{
"type": "WEB",
"url": "https://github.com/zeke2997/CVE_request_comet_system#poc"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.314074"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.314074"
},
{
"type": "WEB",
"url": "https://vuldb.com/?submit.599848"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-3H3V-7X89-CC9G
Vulnerability from github – Published: 2024-11-14 00:31 – Updated: 2024-11-25 21:30Incorrect access control in Cybele Software Thinfinity Workspace before v7.0.3.109 allows attackers to gain access to a secondary broker via a crafted request.
{
"affected": [],
"aliases": [
"CVE-2024-40405"
],
"database_specific": {
"cwe_ids": [
"CWE-306"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-11-13T23:15:03Z",
"severity": "HIGH"
},
"details": "Incorrect access control in Cybele Software Thinfinity Workspace before v7.0.3.109 allows attackers to gain access to a secondary broker via a crafted request.",
"id": "GHSA-3h3v-7x89-cc9g",
"modified": "2024-11-25T21:30:48Z",
"published": "2024-11-14T00:31:11Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-40405"
},
{
"type": "WEB",
"url": "https://blog.cybelesoft.com/thinfinity-workspace-security-bulletin-nov-2024"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-3H5F-XP24-J3P4
Vulnerability from github – Published: 2024-05-08 03:30 – Updated: 2025-02-06 18:31The PostgreSQL implementation in Brocade SANnav versions before 2.3.0a is vulnerable to an incorrect local authentication flaw. An attacker accessing the VM where the Brocade SANnav is installed can gain access to sensitive data inside the PostgreSQL database.
{
"affected": [],
"aliases": [
"CVE-2024-2860"
],
"database_specific": {
"cwe_ids": [
"CWE-306"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-05-08T02:15:09Z",
"severity": "HIGH"
},
"details": "The PostgreSQL implementation in Brocade SANnav versions before 2.3.0a is vulnerable to an incorrect local authentication flaw. An attacker accessing the VM where the Brocade SANnav is installed can gain access to sensitive data inside the PostgreSQL database.",
"id": "GHSA-3h5f-xp24-j3p4",
"modified": "2025-02-06T18:31:03Z",
"published": "2024-05-08T03:30:37Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-2860"
},
{
"type": "WEB",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24260"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-3J3Q-WP9X-585P
Vulnerability from github – Published: 2026-04-08 15:04 – Updated: 2026-04-09 14:28Summary
The cache server is directly exposed by the root shard and has no authentication or authorization in place. This allows anyone who can access the root shard to read and write to the cache server.
Details
The cache server is routed in the pre-mux chain in the shard code. The preHandlerChainMux is handled before any authn/authz in the cache server: https://github.com/kcp-dev/kcp/blob/aaf93d59cbcd0cefb70d94bd8959ce390547c4a2/pkg/server/config.go#L514-L518
This results in the cache server being proxied before any authn/authz in the handler chain takes place.
Attack Vectors
1. Unauthenticated Read Access (Primary)
An attacker can read all replicated resources from the cache without any credentials. This exposes:
| Category | Resources | Severity | Reason |
|---|---|---|---|
| RBAC | clusterroles, clusterrolebindings (filtered by annotation) | High | Only subset with internal.kcp.io/replicate annotation: access rules, APIExport bind/content rules, WorkspaceType use rules. Reveals permission structure for API access and tenancy. Roles/RoleBindings NOT replicated. |
| Infrastructure | logicalclusters, shards | High | Reveals full cluster topology and shard configuration |
| API surface | apiexports, apiexportendpointslices, apiresourceschemas | High | Reveals all exported APIs and their network endpoints |
| Admission control | mutatingwebhookconfigurations, validatingwebhookconfigurations, validatingadmissionpolicies | High | Reveals admission policies, aids bypass |
| Tenancy | workspacetypes | Medium | Reveals workspace structure |
| Cache metadata | cachedobjects, cachedresources, cachedresourceendpointslices | Medium | Exposes cache state and resource endpoints |
2. Write Access with Race Condition (Secondary)
The cache server allows full CRUD operations. While injected objects are cleaned up by the replication controller, a race condition exists that could allow temporary privilege escalation.
The race window:
- Attacker POSTs a malicious ClusterRole + ClusterRoleBinding to the cache server
- Cache etcd watch fires and notifies two consumers in parallel: 2.1. The authorization informer (CacheKubeSharedInformerFactory) updates its in-memory store — the GlobalAuthorizer and WorkspaceContentAuthorizer now see the injected RBAC rules 2.2. The replication controller's informer enqueues a reconcile to its workqueue
- Replication controller worker dequeues, calls getLocalCopy() → not found, deletes the object
Between steps 2 and 3, any API request hitting the GlobalAuthorizer (global_authorizer.go:89-101) would evaluate RBAC against a store that includes the attacker's injected rules. The authorization informer and the replication controller share the same CacheKubeSharedInformerFactory (config.go:361), so the object is visible to authorization as soon as the informer cache updates — before the replication controller can process and delete it.
Practical exploitability is low — the window is sub-second, requiring the attacker to fire the privileged API request with precise timing. However, it could be automated in a tight loop. The workqueue rate limiter could also widen the window under load.
Self-healing mechanism: The replication controller acts as a self-healing mechanism. Objects injected into the cache are deleted almost instantly because:
Creating an object in cache triggers the cache informer Replication controller reconciles, calls getLocalCopy() → not found Controller calls deleteObject() on the cache copy (replication_reconcile.go:157-168)
Replicatable
Start a kcp root shard and query the cache server, e.g. with:
curl --insecure 'https://root.vespucci.genericcontrolplane.io:6443/services/cache/shards/root/clusters/root/apis/apis.kcp.io/v1alpha1'
Workarounds
Network-level access control: Restrict access to /services/cache/* paths at the load balancer, reverse proxy, or firewall level. External cache server: Deploy the cache server separately with its own kubeconfig (--cache-server-kubeconfig) and restrict network access to it.
Impact
Who is affected: Any kcp deployment where the root shard is network-reachable by untrusted clients. This applies when:
- Helm chart deployments: Affected if the shard's Service or Ingress exposes port 6443 externally.
- Operator deployments: Affected if the Shard resource has spec.externalURL set (or spec.baseURL — externalURL defaults to baseURL if unset). When a shard has an external URL, clients route to it directly, exposing the /services/cache/* path.
- Any deployment method: If the root shard's --shard-external-url is set and reachable from untrusted networks, the cache server is exposed.
Not affected: Deployments where the root shard is behind a front-proxy and is not directly reachable. The front-proxy does not forward /services/cache/* requests.
Write persistence: The replication controller watches the cache informer and acts as a self-healing mechanism. Objects injected into the cache are deleted almost instantly (sub-second) because:
- Creating an object in cache triggers the cache informer
- Replication controller reconciles, calls getLocalCopy() → not found
- Controller calls deleteObject() on the cache copy (replication_reconcile.go:157-168)
{
"affected": [
{
"package": {
"ecosystem": "Go",
"name": "github.com/kcp-dev/kcp"
},
"ranges": [
{
"events": [
{
"introduced": "0.30.0"
},
{
"fixed": "0.30.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Go",
"name": "github.com/kcp-dev/kcp"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.29.3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-39429"
],
"database_specific": {
"cwe_ids": [
"CWE-302",
"CWE-306",
"CWE-862"
],
"github_reviewed": true,
"github_reviewed_at": "2026-04-08T15:04:22Z",
"nvd_published_at": "2026-04-08T21:16:59Z",
"severity": "HIGH"
},
"details": "### Summary\n\nThe cache server is directly exposed by the root shard and has no authentication or authorization in place.\nThis allows anyone who can access the root shard to read and write to the cache server.\n\n### Details\n\nThe cache server is routed in the pre-mux chain in the shard code. \nThe preHandlerChainMux is handled before any authn/authz in the cache server: \nhttps://github.com/kcp-dev/kcp/blob/aaf93d59cbcd0cefb70d94bd8959ce390547c4a2/pkg/server/config.go#L514-L518\n\nThis results in the cache server being proxied before any authn/authz in the handler chain takes place.\n\n### Attack Vectors\n\n#### 1. Unauthenticated Read Access (Primary)\nAn attacker can read all replicated resources from the cache without any credentials. This exposes:\n\n| Category | Resources | Severity | Reason |\n|---|---|---|---|\n| RBAC | clusterroles, clusterrolebindings (filtered by annotation) | High | Only subset with `internal.kcp.io/replicate` annotation: access rules, APIExport bind/content rules, WorkspaceType use rules. Reveals permission structure for API access and tenancy. Roles/RoleBindings NOT replicated. |\n| Infrastructure | logicalclusters, shards | High | Reveals full cluster topology and shard configuration |\n| API surface | apiexports, apiexportendpointslices, apiresourceschemas | High | Reveals all exported APIs and their network endpoints |\n| Admission control | mutatingwebhookconfigurations, validatingwebhookconfigurations, validatingadmissionpolicies | High | Reveals admission policies, aids bypass |\n| Tenancy | workspacetypes | Medium | Reveals workspace structure |\n| Cache metadata | cachedobjects, cachedresources, cachedresourceendpointslices | Medium | Exposes cache state and resource endpoints |\n\n#### 2. Write Access with Race Condition (Secondary)\nThe cache server allows full CRUD operations. While injected objects are cleaned up by the replication controller, a race condition exists that could allow temporary privilege escalation.\n\n#### The race window:\n\n1. Attacker POSTs a malicious ClusterRole + ClusterRoleBinding to the cache server\n2. Cache etcd watch fires and notifies two consumers in parallel:\n2.1. The authorization informer (CacheKubeSharedInformerFactory) updates its in-memory store \u2014 the GlobalAuthorizer and WorkspaceContentAuthorizer now see the injected RBAC rules\n2.2. The replication controller\u0027s informer enqueues a reconcile to its workqueue\n3. Replication controller worker dequeues, calls getLocalCopy() \u2192 not found, deletes the object\n\nBetween steps 2 and 3, any API request hitting the GlobalAuthorizer ([global_authorizer.go:89-101](https://github.com/kcp-dev/kcp/blob/aaf93d59c/pkg/authorization/global_authorizer.go#L89-L101)) would evaluate RBAC against a store that includes the attacker\u0027s injected rules. The authorization informer and the replication controller share the same CacheKubeSharedInformerFactory ([config.go:361](https://github.com/kcp-dev/kcp/blob/aaf93d59c/pkg/server/config.go#L361)), so the object is visible to authorization as soon as the informer cache updates \u2014 before the replication controller can process and delete it.\n\n**Practical exploitability is low** \u2014 the window is sub-second, requiring the attacker to fire the privileged API request with precise timing. However, it could be automated in a tight loop. The workqueue rate limiter could also widen the window under load.\n\n**Self-healing mechanism:** The replication controller acts as a self-healing mechanism. Objects injected into the cache are deleted almost instantly because:\n\nCreating an object in cache triggers the cache informer\nReplication controller reconciles, calls getLocalCopy() \u2192 not found\nController calls deleteObject() on the cache copy ([replication_reconcile.go:157-168](https://github.com/kcp-dev/kcp/blob/aaf93d59c/pkg/reconciler/cache/replication/replication_reconcile.go#L157-L168))\n\n### Replicatable \n\nStart a kcp root shard and query the cache server, e.g. with:\n\n```sh\ncurl --insecure \u0027https://root.vespucci.genericcontrolplane.io:6443/services/cache/shards/root/clusters/root/apis/apis.kcp.io/v1alpha1\u0027\n```\n\n### Workarounds\n\nNetwork-level access control: Restrict access to /services/cache/* paths at the load balancer, reverse proxy, or firewall level.\nExternal cache server: Deploy the cache server separately with its own kubeconfig (--cache-server-kubeconfig) and restrict network access to it.\n\n### Impact\n\nWho is affected: Any kcp deployment where the root shard is network-reachable by untrusted clients. This applies when:\n\n- **Helm chart deployments:** Affected if the shard\u0027s Service or Ingress exposes port 6443 externally.\n- **Operator deployments:** Affected if the Shard resource has spec.externalURL set (or spec.baseURL \u2014 externalURL defaults to baseURL if unset). When a shard has an external URL, clients route to it directly, exposing the /services/cache/* path.\n- **Any deployment method:** If the root shard\u0027s --shard-external-url is set and reachable from untrusted networks, the cache server is exposed.\n\n**Not affected:** Deployments where the root shard is behind a front-proxy and is not directly reachable. The front-proxy does not forward /services/cache/* requests.\n\n**Write persistence:** The replication controller watches the cache informer and acts as a self-healing mechanism. Objects injected into the cache are deleted almost instantly (sub-second) because:\n\n- Creating an object in cache triggers the cache informer\n- Replication controller reconciles, calls getLocalCopy() \u2192 not found\n- Controller calls deleteObject() on the cache copy ([replication_reconcile.go:157-168](https://github.com/kcp-dev/kcp/blob/aaf93d59c/pkg/reconciler/cache/replication/replication_reconcile.go#L157-L168))",
"id": "GHSA-3j3q-wp9x-585p",
"modified": "2026-04-09T14:28:52Z",
"published": "2026-04-08T15:04:22Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/kcp-dev/kcp/security/advisories/GHSA-3j3q-wp9x-585p"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39429"
},
{
"type": "PACKAGE",
"url": "https://github.com/kcp-dev/kcp"
},
{
"type": "WEB",
"url": "https://github.com/kcp-dev/kcp/releases/tag/v0.29.3"
},
{
"type": "WEB",
"url": "https://github.com/kcp-dev/kcp/releases/tag/v0.30.3"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
"type": "CVSS_V3"
}
],
"summary": "kcp\u0027s cache server is accessible without authentication or authorization checks"
}
GHSA-3JCW-CH7P-F8V8
Vulnerability from github – Published: 2026-04-24 00:31 – Updated: 2026-04-24 00:31A vulnerability in SenseLive X3050’s embedded management service allows full administrative control to be established without any form of authentication or authorization on the SenseLive config application. The service accepts management connections from any reachable host, enabling unrestricted modification of critical configuration parameters, operational modes, and device state through a vendor-supplied or compatible client.
{
"affected": [],
"aliases": [
"CVE-2026-40620"
],
"database_specific": {
"cwe_ids": [
"CWE-306"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-04-24T00:16:28Z",
"severity": "CRITICAL"
},
"details": "A vulnerability in\u00a0SenseLive\u00a0X3050\u2019s embedded management service allows full administrative control to be established without any form of authentication or authorization on the SenseLive config application. The service accepts management connections from any reachable host, enabling unrestricted modification of critical configuration parameters, operational modes, and device state through a vendor-supplied or compatible client.",
"id": "GHSA-3jcw-ch7p-f8v8",
"modified": "2026-04-24T00:31:52Z",
"published": "2026-04-24T00:31:52Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-40620"
},
{
"type": "WEB",
"url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-111-12.json"
},
{
"type": "WEB",
"url": "https://senselive.io/contact"
},
{
"type": "WEB",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-111-12"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
Mitigation
- Divide the software into anonymous, normal, privileged, and administrative areas. Identify which of these areas require a proven user identity, and use a centralized authentication capability.
- Identify all potential communication channels, or other means of interaction with the software, to ensure that all channels are appropriately protected, including those channels that are assumed to be accessible only by authorized parties. Developers sometimes perform authentication at the primary channel, but open up a secondary channel that is assumed to be private. For example, a login mechanism may be listening on one network port, but after successful authentication, it may open up a second port where it waits for the connection, but avoids authentication because it assumes that only the authenticated party will connect to the port.
- In general, if the software or protocol allows a single session or user state to persist across multiple connections or channels, authentication and appropriate credential management need to be used throughout.
Mitigation MIT-15
For any security checks that are performed on the client side, ensure that these checks are duplicated on the server side, in order to avoid CWE-602. Attackers can bypass the client-side checks by modifying values after the checks have been performed, or by changing the client to remove the client-side checks entirely. Then, these modified values would be submitted to the server.
Mitigation
- Where possible, avoid implementing custom, "grow-your-own" authentication routines and consider using authentication capabilities as provided by the surrounding framework, operating system, or environment. These capabilities may avoid common weaknesses that are unique to authentication; support automatic auditing and tracking; and make it easier to provide a clear separation between authentication tasks and authorization tasks.
- In environments such as the World Wide Web, the line between authentication and authorization is sometimes blurred. If custom authentication routines are required instead of those provided by the server, then these routines must be applied to every single page, since these pages could be requested directly.
Mitigation MIT-4.5
Strategy: Libraries or Frameworks
- Use a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.
- For example, consider using libraries with authentication capabilities such as OpenSSL or the ESAPI Authenticator [REF-45].
Mitigation
When storing data in the cloud (e.g., S3 buckets, Azure blobs, Google Cloud Storage, etc.), use the provider's controls to require strong authentication for users who should be allowed to access the data [REF-1297] [REF-1298] [REF-1302].
CAPEC-12: Choosing Message Identifier
This pattern of attack is defined by the selection of messages distributed via multicast or public information channels that are intended for another client by determining the parameter value assigned to that client. This attack allows the adversary to gain access to potentially privileged information, and to possibly perpetrate other attacks through the distribution means by impersonation. If the channel/message being manipulated is an input rather than output mechanism for the system, (such as a command bus), this style of attack could be used to change the adversary's identifier to more a privileged one.
CAPEC-166: Force the System to Reset Values
An attacker forces the target into a previous state in order to leverage potential weaknesses in the target dependent upon a prior configuration or state-dependent factors. Even in cases where an attacker may not be able to directly control the configuration of the targeted application, they may be able to reset the configuration to a prior state since many applications implement reset functions.
CAPEC-216: Communication Channel Manipulation
An adversary manipulates a setting or parameter on communications channel in order to compromise its security. This can result in information exposure, insertion/removal of information from the communications stream, and/or potentially system compromise.
CAPEC-36: Using Unpublished Interfaces or Functionality
An adversary searches for and invokes interfaces or functionality that the target system designers did not intend to be publicly available. If interfaces fail to authenticate requests, the attacker may be able to invoke functionality they are not authorized for.
CAPEC-62: Cross Site Request Forgery
An attacker crafts malicious web links and distributes them (via web pages, email, etc.), typically in a targeted manner, hoping to induce users to click on the link and execute the malicious action against some third-party application. If successful, the action embedded in the malicious link will be processed and accepted by the targeted application with the users' privilege level. This type of attack leverages the persistence and implicit trust placed in user session cookies by many web applications today. In such an architecture, once the user authenticates to an application and a session cookie is created on the user's system, all following transactions for that session are authenticated using that cookie including potential actions initiated by an attacker and simply "riding" the existing session cookie.