CVE-2022-31078 KubeEdge is an open source system for extending application orchestration capabilities to hosts at the Edge.

CVE-2022-31078 KubeEdge is an open source system for extending application orchestration capabilities to hosts at the Edge.

CloudCore Router is a system intended to provide native container orchestration capabilities to hosts at Edge. CloudCore Router is intended to be a system that is available to all users of CloudNative. CloudCore Router is designed to allow any user to launch a containerized application in any region, using any service provider. This enables users to have the flexibility to choose their desired application deployment options. CloudCore Router allows users to extend native container orchestration capabilities to hosts at Edge using the router plugin. The router plugin allows users to extend native container orchestration capabilities to hosts at Edge using a custom gateway. CloudCore Router provides native support for launching any containerized application at any region.

Installing CloudCore Router

The CloudCore Router installation guide provides instructions on how to install and configure the router plugin.

Overview of CloudCore Router

CloudCore Router is a system intended to provide native container orchestration capabilities to hosts at Edge. CloudCore Router is intended to be a system that is available to all users of CloudNative. CloudCore Router is designed to allow any user to launch a containerized application in any region, using any service provider. This enables users to have the flexibility to choose their desired application deployment options.
CloudCore Router allows users to extend native container orchestration capabilities to hosts at Edge using the router plugin. The router plugin allows users to extend native container orchestration capabilities to hosts at Edge using a custom gateway. CloudCore Router provides native support for launching any containerized application at any region

Supported Types of Applications

CloudCore Router supports the deployment of any containerized application that conforms to Kubernetes as specified in the Kubernetes documentation. CloudCore Router also supports deploying a template application called "the example" which has been customized by OpenProject (https://www.openproject.org) with additional features.

How to enable CloudCore Router in your project?

To enable CloudCore Router, the first step is to make sure that you have a project configured with a config.toml file. The next step is to create a new instance of the router plugin in your environment and specify it's location as "./plugins/router". The final step is enabling the router plugin in your environment. To do this, simply run "CMR_ADD_ROUTER=1" in your environment.
Once you've enabled the router plugin, you'll be able to launch any containerized application at any region using the CMR command line tool.

CVE-2022: Do not trust configuration and commands from CloudCore Router

CVE-2022 is a vulnerability in the following configuration and commands:
* Custom gateway(s) that are configured with a "cloudcore_router" plugin.
* Services that are configured with the "cloudcore_router" plugin.
CVE-2022 is not exploitable when the following conditions are met:
1. The custom gateway(s) and services use their own private key for authentication, authentication is not delegated to CloudCore Router, and all keys are encrypted using TLS ciphers/protocols specified in the current document.
2. The custom gateway(s) and services do not provide any encryption or decryption functionality of public keys without authorization from the user.

References

Subscribe to CVE.news
Don’t miss out on the latest issues. Sign up now to get access to the library of members-only issues.
jamie@example.com
Subscribe