CVE-2025-47282

NONE EPSS 43.9%
Published May 19, 2025 (1y ago) · Modified Jun 17, 2026 (2w ago)

Description

Gardener External DNS Management is an environment to manage external DNS entries for a Kubernetes cluster. A security vulnerability was discovered in Gardener's External DNS Management prior to version 0.23.6 that could allow a user with administrative privileges for a Gardener project or a user with administrative privileges for a shoot cluster, including administrative privileges for a single namespace of the shoot cluster, to obtain control over the seed cluster where the shoot cluster is managed. This CVE affects all Gardener installations regardless of the public cloud provider(s) used for the seed clusters/shoot clusters. The affected component is `gardener/external-dns-management`. The `external-dns-management` component may also be deployed on the seeds by the `gardener/gardener-extension-shoot-dns-service` extension when the extension is enabled. In this case, all versions of the `shoot-dns-service` extension `<= v1.60.0` are affected by this vulnerability. Version 0.23.6 of Gardener External DNS Management fixes the issue.

Threat Intelligence

EPSS Exploit Probability
43.9% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-20 Improper Input Validation

References 1

  • github.com https://github.com/gardener/external-dns-management/security/advisories/GHSA-xwgg-m7fx-83wx

Remediation

No remediation data recorded yet

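Check vendor advisories and the NVD entry for patch availability. The description above states that version 0.23.6 of Gardener External DNS Management fixes the issue.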