{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.","feed_url":"https://feed.craftedsignal.io/tags/kcp/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cves":[],"_cs_exploited":false,"_cs_products":[],"_cs_severities":["high"],"_cs_tags":["kcp","kubernetes","cache","authentication","authorization","privilege-escalation"],"_cs_type":"advisory","_cs_vendors":[],"content_html":"\u003cp\u003eThe kcp (Kubernetes Cluster Platform) cache server, responsible for replicating resources, is directly exposed by the root shard without any authentication or authorization checks. This vulnerability allows anyone with network access to the root shard to read replicated resources and potentially write to the cache server, creating a race condition. The lack of authentication in the preHandlerChainMux, specifically identified in \u003ccode\u003epkg/server/config.go\u003c/code\u003e at lines 514-518, causes the cache server to be proxied before authentication or authorization can take place. This impacts kcp versions prior to v0.29.3 and between v0.30.0 and v0.30.3. This vulnerability allows unauthorized access to sensitive information, including RBAC rules, cluster topology, API surfaces, admission control policies, and tenancy configurations.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAttacker gains network access to the kcp root shard, typically through exposed ports or external URLs.\u003c/li\u003e\n\u003cli\u003eAttacker crafts an HTTP request targeting the \u003ccode\u003e/services/cache/*\u003c/code\u003e endpoint without any authentication headers.\u003c/li\u003e\n\u003cli\u003eThe request bypasses authentication and authorization checks due to the flawed preHandlerChainMux configuration.\u003c/li\u003e\n\u003cli\u003eThe attacker reads replicated resources from the cache, such as clusterroles, clusterrolebindings, logicalclusters, apiexports, and validatingwebhookconfigurations.\u003c/li\u003e\n\u003cli\u003e(Optional) The attacker attempts to inject a malicious ClusterRole and ClusterRoleBinding via a POST request to the cache server.\u003c/li\u003e\n\u003cli\u003eThe cache etcd watch fires, notifying the authorization informer and replication controller in parallel.\u003c/li\u003e\n\u003cli\u003eThe authorization informer updates its in-memory store, briefly granting the attacker the injected RBAC rules.\u003c/li\u003e\n\u003cli\u003eThe replication controller eventually reconciles and deletes the injected object, but a small window of opportunity exists for privilege escalation.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of this vulnerability allows unauthorized access to critical cluster information, potentially exposing RBAC configurations, API endpoints, and internal infrastructure details. An attacker can read replicated resources, including cluster roles, cluster role bindings, logical clusters, shards, API exports, API resource schemas, mutating webhook configurations, validating webhook configurations, validating admission policies, and workspace types. While injected objects are quickly cleaned up, a brief race condition allows for temporary privilege escalation. This affects kcp deployments where the root shard is network-reachable by untrusted clients, including Helm chart deployments, Operator deployments with external URLs set, and deployments with a reachable \u003ccode\u003e--shard-external-url\u003c/code\u003e.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImplement network-level access control to restrict access to the \u003ccode\u003e/services/cache/*\u003c/code\u003e paths at the load balancer, reverse proxy, or firewall level as described in the \u003cstrong\u003eWorkarounds\u003c/strong\u003e section of the advisory.\u003c/li\u003e\n\u003cli\u003eDeploy the cache server separately with its own kubeconfig (\u003ccode\u003e--cache-server-kubeconfig\u003c/code\u003e) and restrict network access to it, mitigating direct exposure to the root shard as per the \u003cstrong\u003eWorkarounds\u003c/strong\u003e section.\u003c/li\u003e\n\u003cli\u003eUpgrade to kcp version v0.29.3 or v0.30.3 or later to patch the vulnerability as per \u003cstrong\u003eCVE-2026-39429\u003c/strong\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-04-08T15:04:22Z","date_published":"2026-04-08T15:04:22Z","id":"/briefs/2026-04-kcp-cache-unauth/","summary":"The kcp cache server is exposed without authentication, allowing unauthorized read access to sensitive data and a race condition for write access that could lead to temporary privilege escalation.","title":"Unauthenticated Access to kcp Cache Server","url":"https://feed.craftedsignal.io/briefs/2026-04-kcp-cache-unauth/"}],"language":"en","title":"CraftedSignal Threat Feed — Kcp","version":"https://jsonfeed.org/version/1.1"}