CVE-2022-23551

Name of the Vulnerable Software and Affected Versions AAD Pod Identity versions prior to 1.8.13

Description The issue is related to the NMI component in AAD Pod Identity, which intercepts and validates token requests based on regex. A token request made with a backslash in the request, for example, /metadata/identityoauth2token/, would bypass the NMI validation and be sent to IMDS, allowing a pod in the cluster to access identities that it shouldn't have access to.

Recommendations For AAD Pod Identity versions prior to 1.8.13, update to version 1.8.13 to resolve the issue. If using the AKS pod-managed identities add-on, no action is required, as the clusters should now be running the version 1.8.13 release. As a temporary workaround, consider restricting access to the /metadata/identity/oauth2/token endpoint to minimize the risk of exploitation.