{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/tags/function-invocation/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["fission"],"_cs_severities":["critical"],"_cs_tags":["fission","function-invocation","bypass","kubernetes"],"_cs_type":"advisory","_cs_vendors":["Fission"],"content_html":"\u003cp\u003eFission is a Kubernetes-native serverless framework. Versions up to 1.22.0 are vulnerable to a function invocation bypass. The Fission router registered an internal-style route (\u003ccode\u003e/fission-function/\u0026lt;ns\u0026gt;/\u0026lt;name\u0026gt;\u003c/code\u003e) for every Function object, irrespective of any existing HTTPTrigger. This route was exposed on the public listener (svc/router, port 8888). An attacker capable of reaching the router could invoke any function by guessing its \u003ccode\u003emetadata.name\u003c/code\u003e and namespace, thereby circumventing the constraints specified in HTTPTrigger objects, such as host, path, and allowed methods. This vulnerability was patched in version v1.23.0.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAttacker identifies a Fission deployment with a publicly accessible router (svc/router, port 8888).\u003c/li\u003e\n\u003cli\u003eAttacker enumerates or guesses the \u003ccode\u003emetadata.name\u003c/code\u003e and namespace of Fission functions.\u003c/li\u003e\n\u003cli\u003eAttacker crafts an HTTP GET request to \u003ccode\u003e/fission-function/\u0026lt;ns\u0026gt;/\u0026lt;name\u0026gt;\u003c/code\u003e on the public router endpoint.\u003c/li\u003e\n\u003cli\u003eThe Fission router, lacking proper access control, forwards the request to the specified function.\u003c/li\u003e\n\u003cli\u003eThe function executes, potentially performing unintended actions or leaking sensitive information.\u003c/li\u003e\n\u003cli\u003eIn multi-tenant environments, an attacker in one tenant\u0026rsquo;s pod can invoke functions in another tenant\u0026rsquo;s namespace, crossing tenant boundaries.\u003c/li\u003e\n\u003cli\u003eAttacker bypasses HTTPTrigger-level restrictions (e.g., a function published only on POST /api/v2/foo can be invoked as GET /fission-function/\u003cns\u003e/\u003cname\u003e).\u003c/li\u003e\n\u003cli\u003eThe attacker probes response semantics (404 vs 200 vs 502) to enumerate existing function names.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation allows external callers to invoke functions that were not intended for public access, such as internal helpers or sample functions. It also bypasses HTTPTrigger restrictions, enabling invocation of functions with arbitrary headers and bodies. In multi-tenant deployments, this vulnerability can cross tenant boundaries, potentially leading to unauthorized access to sensitive data or resources. Function names can also be enumerated by probing the response semantics, providing attackers with valuable information for further attacks.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to Fission v1.23.0 or later to incorporate the fix implemented in PR #3369, which separates public and internal listeners.\u003c/li\u003e\n\u003cli\u003eApply a NetworkPolicy to the Fission namespace to restrict ingress to \u003ccode\u003esvc/router\u003c/code\u003e (port 8888) only from authorized sources and block access to \u003ccode\u003e/fission-function/...\u003c/code\u003e as suggested in the mitigation steps.\u003c/li\u003e\n\u003cli\u003eIf an ingress controller is used, implement path-based filtering at the ingress layer to block access to \u003ccode\u003e/fission-function/\u003c/code\u003e until the upgrade is complete.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule \u003ccode\u003eDetect Fission Function Invocation Bypass\u003c/code\u003e to identify attempts to exploit this vulnerability.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-05-21T20:15:31Z","date_published":"2026-05-21T20:15:31Z","id":"https://feed.craftedsignal.io/briefs/2026-05-fission-function-bypass/","summary":"The Fission router exposes the `/fission-function/\u003cns\u003e/\u003cname\u003e` endpoint on its public listener, allowing invocation of any function without an HTTPTrigger, leading to unauthorized function access and potential cross-tenant exploitation; patched in v1.23.0.","title":"Fission Function Invocation Bypass via Public Router Endpoint","url":"https://feed.craftedsignal.io/briefs/2026-05-fission-function-bypass/"}],"language":"en","title":"CraftedSignal Threat Feed — Function-Invocation","version":"https://jsonfeed.org/version/1.1"}