This vulnerability in Gardener's `gardenlet` component allows a user with admin privileges on a Gardener project to inject attacker-controlled metadata (labels and annotations) into secrets in the project namespace. gardenlet does not sanitize this user-supplied metadata when it processes the secret, and in combination with the GCP provider extension the injected metadata is propagated to the seed cluster, giving the attacker unauthorized access to the seed cluster that hosts their shoot clusters. Because a seed cluster runs the control planes of every shoot scheduled to it, this amounts to privilege escalation from project admin to cluster-admin on the seed.
DailyCVE Form
Platform: Gardener
Version: <1.116.4, 1.117.0-1.117.4, 1.118.0-1.118.1
Vulnerability: Metadata injection
Severity: Critical
Date: May 19, 2025
What Undercode Say:
Exploitation:
1. Attacker crafts malicious metadata in a project secret:
metadata:
  annotations:
    malicious-key: "malicious-value"
2. Leverages the GCP extension to propagate the metadata to the seed cluster.
3. Compromises the seed cluster via the injected payload.
Protection:
1. Patch to fixed versions (`1.116.4`, `1.117.5`, `1.118.2`).
2. Restrict project admin membership to trusted users until every seed runs a fixed gardenlet.
3. Audit for anomalous secret modifications. gardenlet runs on each seed cluster in the `garden` namespace, so tail the deployment rather than a fixed pod name, and additionally check the garden cluster's Kubernetes audit log for secret create/update events in project namespaces (`garden-*`):
kubectl logs -n garden deployment/gardenlet | grep -i secret
Detection Command (run against the garden cluster; the objects of interest are secrets in project namespaces, since selecting shoots with any annotation matches practically every shoot):
kubectl get secrets -A -o json | jq -r '.items[] | select(.metadata.namespace | test("^garden(-|$)")) | select((.metadata.annotations // {}) | length > 0) | "\(.metadata.namespace)/\(.metadata.name): \(.metadata.annotations | keys | join(","))"'
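The following is an added, offline checker that is not code from the page or from the Gardener project. It consumes JSON dumps taken with `kubectl -n garden get deployment gardenlet -o json` (against each seed) and `kubectl get secrets -A -o json` (against the garden cluster), decides whether the running gardenlet tag falls inside the affected ranges listed above, and flags labels or annotations on project-namespace secrets whose key does not carry a known Gardener prefix. Assumptions not taken from the advisory: project namespaces are named `garden` or `garden-<project>`, and the `KNOWN_PREFIXES` allow-list is a starting point to tune for your landscape, not an official list of Gardener metadata keys. The sample deployment and secret list at the bottom are constructed inputs.

```python
"""Offline checker for the gardenlet advisory above (added example, not
Gardener project code). Reads the JSON output of:

  kubectl -n garden get deployment gardenlet -o json   # against each seed
  kubectl get secrets -A -o json                        # against the garden cluster

Assumptions (not from the advisory): project namespaces are `garden` or
`garden-<project>`; KNOWN_PREFIXES is a tunable allow-list, not an official list.
"""
import json
import re
import sys

# Fixed versions from the advisory, keyed by (major, minor).
FIXED = {(1, 116): (1, 116, 4), (1, 117): (1, 117, 5), (1, 118): (1, 118, 2)}
OLDEST_FIX = (1, 116, 4)        # everything older than this is affected
FIRST_UNAFFECTED = (1, 119, 0)  # minors newer than the listed ones were never affected

# Assumed allow-list of metadata key prefixes that Gardener itself writes.
KNOWN_PREFIXES = (
    "gardener.cloud/",
    "provider.extensions.gardener.cloud/",
    "reference.resources.gardener.cloud/",
    "kubectl.kubernetes.io/",
)


def parse_version(image_ref):
    """Extract (major, minor, patch) from an image reference such as
    '.../gardenlet:v1.118.1'. Returns None if no semver tag is present."""
    m = re.search(r":v?(\d+)\.(\d+)\.(\d+)", image_ref)
    return tuple(int(x) for x in m.groups()) if m else None


def gardenlet_vulnerable(image_ref):
    """True if the gardenlet image tag falls in an affected range."""
    v = parse_version(image_ref)
    if v is None:
        raise ValueError(f"no semver tag in image reference: {image_ref}")
    if v >= FIRST_UNAFFECTED:
        return False
    # Listed minors compare against their own fix; older minors against 1.116.4.
    return v < FIXED.get(v[:2], OLDEST_FIX)


def gardenlet_image(deployment):
    """Return the image of the 'gardenlet' container from a Deployment object."""
    for c in deployment["spec"]["template"]["spec"]["containers"]:
        if c["name"] == "gardenlet":
            return c["image"]
    raise KeyError("no container named 'gardenlet' in deployment")


def is_project_namespace(ns):
    # Assumed naming convention for Gardener project namespaces.
    return ns == "garden" or ns.startswith("garden-")


def suspicious_project_secrets(secret_list, known=KNOWN_PREFIXES):
    """Flag labels/annotations on project-namespace secrets whose key lacks a
    known prefix. Only metadata is inspected; .data is never read."""
    findings = []
    for item in secret_list["items"]:
        md = item["metadata"]
        if not is_project_namespace(md.get("namespace", "")):
            continue
        for kind in ("labels", "annotations"):
            for key in (md.get(kind) or {}):
                if not key.startswith(known):
                    findings.append((md["namespace"], md["name"], kind, key))
    return findings


# Constructed sample input (not real cluster data).
SAMPLE_DEPLOYMENT = {"spec": {"template": {"spec": {"containers": [
    {"name": "gardenlet",
     "image": "europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.118.1"}]}}}}

SAMPLE_SECRETS = {"items": [
    {"metadata": {"namespace": "garden-team-a", "name": "gcp-credentials",
                  "labels": {"gardener.cloud/purpose": "example"},
                  "annotations": {"kubectl.kubernetes.io/last-applied-configuration": "{}",
                                  "evil.example/inject": "payload"}}},
    {"metadata": {"namespace": "kube-system", "name": "unrelated",
                  "annotations": {"evil.example/inject": "payload"}}},
    {"metadata": {"namespace": "garden-team-b", "name": "clean",
                  "labels": {"gardener.cloud/role": "example"}}},
]}


def main(argv):
    """Usage: python check.py deployment.json secrets.json (falls back to samples)."""
    dep = json.load(open(argv[1])) if len(argv) > 1 else SAMPLE_DEPLOYMENT
    secrets = json.load(open(argv[2])) if len(argv) > 2 else SAMPLE_SECRETS
    image = gardenlet_image(dep)
    print(f"gardenlet {image}: {'VULNERABLE' if gardenlet_vulnerable(image) else 'fixed'}")
    for ns, name, kind, key in suspicious_project_secrets(secrets):
        print(f"{ns}/{name}: unexpected {kind[:-1]} key {key!r}")


if __name__ == "__main__":
    main(sys.argv)
```

Run it once per seed for the version check and once against the garden cluster for the secret scan; a finding is a lead to inspect, not proof of compromise, since teams legitimately annotate their own secrets.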
Mitigation Script (run with the seed cluster's kubeconfig; if gardenlet is managed by gardener-operator through a `Gardenlet` resource or by Helm, bump the version there instead, because the managing controller reverts a manual image change):
#!/bin/sh
# Force-update gardenlet on a seed cluster. Gardener release images carry a "v" prefix
# and are published under the gardener-project releases registry.
kubectl -n garden set image deployment/gardenlet gardenlet=europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.118.2
Reported By: github.com