CVE-2022-31055 - Vulnerability Details - OpenCVE

kCTF is a Kubernetes-based infrastructure for capture the flag (CTF) competitions. Prior to version 1.6.0, the kctf cluster set-src-ip-ranges was broken and allowed traffic from any IP. The problem has been patched in v1.6.0. As a workaround, those who want to test challenges privately can mark them as `public: false` and use `kctf chal debug port-forward` to connect.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

This CVE is not in the KEV list.

Exploitation none

Automatable yes

Technical Impact partial

Vendors	Products
Google	Kctf

Configuration 1 [-]

cpe:2.3:a:google:kctf:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://github.com/google/kctf/commit/8cf050be974fcc2fd8aa136701f9a66f2b2a5202
https://github.com/google/kctf/pull/371
https://github.com/google/kctf/security/advisories/GHSA-4g2v-6qc6-6jv5

History

Wed, 23 Apr 2025 19:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2022-06-13T15:40:10.000Z

Updated: 2025-04-23T18:16:41.999Z

Reserved: 2022-05-18T00:00:00.000Z

Link: CVE-2022-31055

Vulnrichment

Updated: 2024-08-03T07:03:40.255Z

NVD

Status : Modified

Published: 2022-06-13T16:15:08.487

Modified: 2024-11-21T07:03:48.013

Link: CVE-2022-31055

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "kctf", "vendor": "google", "versions": [{"status": "affected", "version": "< 1.6.0"}]}], "descriptions": [{"lang": "en", "value": "kCTF is a Kubernetes-based infrastructure for capture the flag (CTF) competitions. Prior to version 1.6.0, the kctf cluster set-src-ip-ranges was broken and allowed traffic from any IP. The problem has been patched in v1.6.0. As a workaround, those who want to test challenges privately can mark them as `public: false` and use `kctf chal debug port-forward` to connect."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-284", "description": "CWE-284: Improper Access Control", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-06-13T15:40:10.000Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/google/kctf/security/advisories/GHSA-4g2v-6qc6-6jv5"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/google/kctf/pull/371"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/google/kctf/commit/8cf050be974fcc2fd8aa136701f9a66f2b2a5202"}], "source": {"advisory": "GHSA-4g2v-6qc6-6jv5", "discovery": "UNKNOWN"}, "title": "Improper Access Control in kctf", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security-advisories@github.com", "ID": "CVE-2022-31055", "STATE": "PUBLIC", "TITLE": "Improper Access Control in kctf"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "kctf", "version": {"version_data": [{"version_value": "< 1.6.0"}]}}]}, "vendor_name": "google"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "kCTF is a Kubernetes-based infrastructure for capture the flag (CTF) competitions. Prior to version 1.6.0, the kctf cluster set-src-ip-ranges was broken and allowed traffic from any IP. The problem has been patched in v1.6.0. As a workaround, those who want to test challenges privately can mark them as `public: false` and use `kctf chal debug port-forward` to connect."}]}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-284: Improper Access Control"}]}]}, "references": {"reference_data": [{"name": "https://github.com/google/kctf/security/advisories/GHSA-4g2v-6qc6-6jv5", "refsource": "CONFIRM", "url": "https://github.com/google/kctf/security/advisories/GHSA-4g2v-6qc6-6jv5"}, {"name": "https://github.com/google/kctf/pull/371", "refsource": "MISC", "url": "https://github.com/google/kctf/pull/371"}, {"name": "https://github.com/google/kctf/commit/8cf050be974fcc2fd8aa136701f9a66f2b2a5202", "refsource": "MISC", "url": "https://github.com/google/kctf/commit/8cf050be974fcc2fd8aa136701f9a66f2b2a5202"}]}, "source": {"advisory": "GHSA-4g2v-6qc6-6jv5", "discovery": "UNKNOWN"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T07:03:40.255Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/google/kctf/security/advisories/GHSA-4g2v-6qc6-6jv5"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/google/kctf/pull/371"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/google/kctf/commit/8cf050be974fcc2fd8aa136701f9a66f2b2a5202"}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-04-23T15:54:20.011870Z", "id": "CVE-2022-31055", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-23T18:16:41.999Z"}}]}, "cveMetadata": {"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2022-31055", "datePublished": "2022-06-13T15:40:10.000Z", "dateReserved": "2022-05-18T00:00:00.000Z", "dateUpdated": "2025-04-23T18:16:41.999Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://github.com/google/kctf/security/advisories/GHSA-4g2v-6qc6-6jv5", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "https://github.com/google/kctf/pull/371", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "https://github.com/google/kctf/commit/8cf050be974fcc2fd8aa136701f9a66f2b2a5202", "tags": ["x_refsource_MISC", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T07:03:40.255Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2022-31055", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-04-23T15:54:20.011870Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-23T15:54:21.276Z"}}], "cna": {"title": "Improper Access Control in kctf", "source": {"advisory": "GHSA-4g2v-6qc6-6jv5", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "google", "product": "kctf", "versions": [{"status": "affected", "version": "< 1.6.0"}]}], "references": [{"url": "https://github.com/google/kctf/security/advisories/GHSA-4g2v-6qc6-6jv5", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/google/kctf/pull/371", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/google/kctf/commit/8cf050be974fcc2fd8aa136701f9a66f2b2a5202", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "kCTF is a Kubernetes-based infrastructure for capture the flag (CTF) competitions. Prior to version 1.6.0, the kctf cluster set-src-ip-ranges was broken and allowed traffic from any IP. The problem has been patched in v1.6.0. As a workaround, those who want to test challenges privately can mark them as `public: false` and use `kctf chal debug port-forward` to connect."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-284", "description": "CWE-284: Improper Access Control"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2022-06-13T15:40:10.000Z"}, "x_legacyV4Record": {"impact": {"cvss": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, "source": {"advisory": "GHSA-4g2v-6qc6-6jv5", "discovery": "UNKNOWN"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "< 1.6.0"}]}, "product_name": "kctf"}]}, "vendor_name": "google"}]}}, "data_type": "CVE", "references": {"reference_data": [{"url": "https://github.com/google/kctf/security/advisories/GHSA-4g2v-6qc6-6jv5", "name": "https://github.com/google/kctf/security/advisories/GHSA-4g2v-6qc6-6jv5", "refsource": "CONFIRM"}, {"url": "https://github.com/google/kctf/pull/371", "name": "https://github.com/google/kctf/pull/371", "refsource": "MISC"}, {"url": "https://github.com/google/kctf/commit/8cf050be974fcc2fd8aa136701f9a66f2b2a5202", "name": "https://github.com/google/kctf/commit/8cf050be974fcc2fd8aa136701f9a66f2b2a5202", "refsource": "MISC"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "eng", "value": "kCTF is a Kubernetes-based infrastructure for capture the flag (CTF) competitions. Prior to version 1.6.0, the kctf cluster set-src-ip-ranges was broken and allowed traffic from any IP. The problem has been patched in v1.6.0. As a workaround, those who want to test challenges privately can mark them as `public: false` and use `kctf chal debug port-forward` to connect."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-284: Improper Access Control"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-31055", "STATE": "PUBLIC", "TITLE": "Improper Access Control in kctf", "ASSIGNER": "security-advisories@github.com"}}}}, "cveMetadata": {"cveId": "CVE-2022-31055", "state": "PUBLISHED", "dateUpdated": "2025-04-23T18:16:41.999Z", "dateReserved": "2022-05-18T00:00:00.000Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2022-06-13T15:40:10.000Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:google:kctf:*:*:*:*:*:*:*:*", "matchCriteriaId": "B80D91E1-40B9-40C1-ACD2-91D177C0EF56", "versionEndExcluding": "1.6.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "kCTF is a Kubernetes-based infrastructure for capture the flag (CTF) competitions. Prior to version 1.6.0, the kctf cluster set-src-ip-ranges was broken and allowed traffic from any IP. The problem has been patched in v1.6.0. As a workaround, those who want to test challenges privately can mark them as `public: false` and use `kctf chal debug port-forward` to connect."}, {"lang": "es", "value": "kCTF es una infraestructura basada en Kubernetes para competiciones de captura de la bandera (CTF). En versiones anteriores a 1.6.0, el cluster kctf set-src-ip-ranges estaba roto y permit\u00eda el tr\u00e1fico desde cualquier IP. El problema ha sido parcheado en versi\u00f3n v1.6.0. Como mitigaci\u00f3n, aquellos que quieran probar los retos de forma privada pueden marcarlos como \"public: false\" y usar \"kctf chal debug port-forward\" para conectarse"}], "id": "CVE-2022-31055", "lastModified": "2024-11-21T07:03:48.013", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "security-advisories@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-06-13T16:15:08.487", "references": [{"source": "security-advisories@github.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/google/kctf/commit/8cf050be974fcc2fd8aa136701f9a66f2b2a5202"}, {"source": "security-advisories@github.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/google/kctf/pull/371"}, {"source": "security-advisories@github.com", "tags": ["Third Party Advisory"], "url": "https://github.com/google/kctf/security/advisories/GHSA-4g2v-6qc6-6jv5"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/google/kctf/commit/8cf050be974fcc2fd8aa136701f9a66f2b2a5202"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/google/kctf/pull/371"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://github.com/google/kctf/security/advisories/GHSA-4g2v-6qc6-6jv5"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-284"}], "source": "security-advisories@github.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}