Published Thu, Dec 1st, 2022
Platforms
IBM Cloud Databases for PostgreSQL was vulnerable to an attack sequence consisting of PostgreSQL privilege escalation via SQL injection and the chaining of three secrets scattered across the service environment: a K8s service account token, a private container registry password, and CI/CD server credentials. These secrets were abusable because of overly permissive network access to internal build servers. A malicious actor could have exploited this vulnerability to remotely execute code in other customers’ environments and to read and modify data stored in their PostgreSQL databases.
IBM Cloud Databases
None required.
No tracked CVEs
Contributed by https://github.com/korniko98
Entry Status
Finalized
Disclosure Date
Thu, Aug 25th, 2022
Exploitability Period
-
Known ITW Exploitation
-
Detection Methods
None
Piercing Index Rating
-
Discovered by
Ronen Shustin, Shir Tamari, Wiz