Aviv Sasson, a security researcher with Palo Alto Networks' Unit 42, discovered a critical vulnerability in the Harbor cloud native registry that could allow attackers to take control of Harbor registries running the default configuration.
More details about the vulnerability
The privilege escalation vulnerability, tracked as CVE-2019-16097, allows attackers to send a malicious request to a vulnerable Harbor instance and register a new user with administrator privileges.
“The attacker can create a new user and set it to be admin. After that, they can connect to Harbor registry via the Docker command line tool with the new credentials and replace the current images with anything they desire. These can include malware, crypto miners or even worse,” Sasson explained.
Patch available
The vulnerability affects Harbor versions 1.7.0 through 1.8.2. The Harbor team has released a patch for the issue, included in the latest releases, 1.7.6 and 1.8.3.
All users are advised to update their Harbor installations, since this vulnerability gives anyone full access to their registry.