Vulnerability Details CVE-2022-31145
FlyteAdmin is the control plane for Flyte responsible for managing entities and administering workflow executions. In versions 1.1.30 and prior, authenticated users using an external identity provider can continue to use Access Tokens and ID Tokens even after they expire. Users who use FlyteAdmin as the OAuth2 Authorization Server are unaffected by this issue. A patch is available on the `master` branch of the repository. As a workaround, rotating signing keys immediately will invalidate all open sessions and force all users to attempt to obtain new tokens. Those who use this workaround should continue to rotate keys until FlyteAdmin has been upgraded and hide FlyteAdmin deployment ingress URL from the internet.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 68.4%
CVSS Severity
CVSS v3 Score 6.5
References
- https://github.com/flyteorg/flyteadmin/commit/a1ec282d02706e074bc4986fd0412e5da3b9d00a
- https://github.com/flyteorg/flyteadmin/pull/455
- https://github.com/flyteorg/flyteadmin/security/advisories/GHSA-qwrj-9hmp-gpxh
- https://github.com/flyteorg/flyteadmin/commit/a1ec282d02706e074bc4986fd0412e5da3b9d00a
- https://github.com/flyteorg/flyteadmin/pull/455
- https://github.com/flyteorg/flyteadmin/security/advisories/GHSA-qwrj-9hmp-gpxh
Products affected by CVE-2022-31145
-
cpe:2.3:a:flyte:flyteadmin:-
-
cpe:2.3:a:flyte:flyteadmin:0.1.0
-
cpe:2.3:a:flyte:flyteadmin:0.1.1
-
cpe:2.3:a:flyte:flyteadmin:0.1.3
-
cpe:2.3:a:flyte:flyteadmin:0.1.4
-
cpe:2.3:a:flyte:flyteadmin:0.1.5
-
cpe:2.3:a:flyte:flyteadmin:0.1.6
-
cpe:2.3:a:flyte:flyteadmin:0.1.7
-
cpe:2.3:a:flyte:flyteadmin:0.2.0
-
cpe:2.3:a:flyte:flyteadmin:0.2.1
-
cpe:2.3:a:flyte:flyteadmin:0.2.10
-
cpe:2.3:a:flyte:flyteadmin:0.2.11
-
cpe:2.3:a:flyte:flyteadmin:0.2.12
-
cpe:2.3:a:flyte:flyteadmin:0.2.2
-
cpe:2.3:a:flyte:flyteadmin:0.2.3
-
cpe:2.3:a:flyte:flyteadmin:0.2.4
-
cpe:2.3:a:flyte:flyteadmin:0.2.5
-
cpe:2.3:a:flyte:flyteadmin:0.2.6
-
cpe:2.3:a:flyte:flyteadmin:0.2.7
-
cpe:2.3:a:flyte:flyteadmin:0.2.8
-
cpe:2.3:a:flyte:flyteadmin:0.2.9
-
cpe:2.3:a:flyte:flyteadmin:0.3.0
-
cpe:2.3:a:flyte:flyteadmin:0.3.1
-
cpe:2.3:a:flyte:flyteadmin:0.3.10
-
cpe:2.3:a:flyte:flyteadmin:0.3.11
-
cpe:2.3:a:flyte:flyteadmin:0.3.12
-
cpe:2.3:a:flyte:flyteadmin:0.3.13
-
cpe:2.3:a:flyte:flyteadmin:0.3.14
-
cpe:2.3:a:flyte:flyteadmin:0.3.15
-
cpe:2.3:a:flyte:flyteadmin:0.3.16
-
cpe:2.3:a:flyte:flyteadmin:0.3.17
-
cpe:2.3:a:flyte:flyteadmin:0.3.18
-
cpe:2.3:a:flyte:flyteadmin:0.3.19
-
cpe:2.3:a:flyte:flyteadmin:0.3.2
-
cpe:2.3:a:flyte:flyteadmin:0.3.20
-
cpe:2.3:a:flyte:flyteadmin:0.3.21
-
cpe:2.3:a:flyte:flyteadmin:0.3.22
-
cpe:2.3:a:flyte:flyteadmin:0.3.23
-
cpe:2.3:a:flyte:flyteadmin:0.3.24
-
cpe:2.3:a:flyte:flyteadmin:0.3.25
-
cpe:2.3:a:flyte:flyteadmin:0.3.26
-
cpe:2.3:a:flyte:flyteadmin:0.3.27
-
cpe:2.3:a:flyte:flyteadmin:0.3.28
-
cpe:2.3:a:flyte:flyteadmin:0.3.29
-
cpe:2.3:a:flyte:flyteadmin:0.3.3
-
cpe:2.3:a:flyte:flyteadmin:0.3.30
-
cpe:2.3:a:flyte:flyteadmin:0.3.31
-
cpe:2.3:a:flyte:flyteadmin:0.3.32
-
cpe:2.3:a:flyte:flyteadmin:0.3.33
-
cpe:2.3:a:flyte:flyteadmin:0.3.34
-
cpe:2.3:a:flyte:flyteadmin:0.3.35
-
cpe:2.3:a:flyte:flyteadmin:0.3.36
-
cpe:2.3:a:flyte:flyteadmin:0.3.37
-
cpe:2.3:a:flyte:flyteadmin:0.3.38
-
cpe:2.3:a:flyte:flyteadmin:0.3.39
-
cpe:2.3:a:flyte:flyteadmin:0.3.4
-
cpe:2.3:a:flyte:flyteadmin:0.3.40
-
cpe:2.3:a:flyte:flyteadmin:0.3.41
-
cpe:2.3:a:flyte:flyteadmin:0.3.42
-
cpe:2.3:a:flyte:flyteadmin:0.3.43
-
cpe:2.3:a:flyte:flyteadmin:0.3.5
-
cpe:2.3:a:flyte:flyteadmin:0.3.6
-
cpe:2.3:a:flyte:flyteadmin:0.3.7
-
cpe:2.3:a:flyte:flyteadmin:0.3.8
-
cpe:2.3:a:flyte:flyteadmin:0.3.9
-
cpe:2.3:a:flyte:flyteadmin:0.4.0
-
cpe:2.3:a:flyte:flyteadmin:0.4.1
-
cpe:2.3:a:flyte:flyteadmin:0.4.10
-
cpe:2.3:a:flyte:flyteadmin:0.4.11
-
cpe:2.3:a:flyte:flyteadmin:0.4.12
-
cpe:2.3:a:flyte:flyteadmin:0.4.13
-
cpe:2.3:a:flyte:flyteadmin:0.4.14
-
cpe:2.3:a:flyte:flyteadmin:0.4.15
-
cpe:2.3:a:flyte:flyteadmin:0.4.16
-
cpe:2.3:a:flyte:flyteadmin:0.4.17
-
cpe:2.3:a:flyte:flyteadmin:0.4.2
-
cpe:2.3:a:flyte:flyteadmin:0.4.3
-
cpe:2.3:a:flyte:flyteadmin:0.4.4
-
cpe:2.3:a:flyte:flyteadmin:0.4.5
-
cpe:2.3:a:flyte:flyteadmin:0.4.6
-
cpe:2.3:a:flyte:flyteadmin:0.4.7
-
cpe:2.3:a:flyte:flyteadmin:0.4.8
-
cpe:2.3:a:flyte:flyteadmin:0.4.9
-
cpe:2.3:a:flyte:flyteadmin:0.5.0
-
cpe:2.3:a:flyte:flyteadmin:0.5.1
-
cpe:2.3:a:flyte:flyteadmin:0.5.10
-
cpe:2.3:a:flyte:flyteadmin:0.5.11
-
cpe:2.3:a:flyte:flyteadmin:0.5.12
-
cpe:2.3:a:flyte:flyteadmin:0.5.2
-
cpe:2.3:a:flyte:flyteadmin:0.5.3
-
cpe:2.3:a:flyte:flyteadmin:0.5.4
-
cpe:2.3:a:flyte:flyteadmin:0.5.5
-
cpe:2.3:a:flyte:flyteadmin:0.5.6
-
cpe:2.3:a:flyte:flyteadmin:0.5.7
-
cpe:2.3:a:flyte:flyteadmin:0.5.8
-
cpe:2.3:a:flyte:flyteadmin:0.5.9
-
cpe:2.3:a:flyte:flyteadmin:0.6.0
-
cpe:2.3:a:flyte:flyteadmin:0.6.1
-
cpe:2.3:a:flyte:flyteadmin:0.6.10
-
cpe:2.3:a:flyte:flyteadmin:0.6.100
-
cpe:2.3:a:flyte:flyteadmin:0.6.101
-
cpe:2.3:a:flyte:flyteadmin:0.6.102
-
cpe:2.3:a:flyte:flyteadmin:0.6.103
-
cpe:2.3:a:flyte:flyteadmin:0.6.104
-
cpe:2.3:a:flyte:flyteadmin:0.6.105
-
cpe:2.3:a:flyte:flyteadmin:0.6.106
-
cpe:2.3:a:flyte:flyteadmin:0.6.107
-
cpe:2.3:a:flyte:flyteadmin:0.6.108
-
cpe:2.3:a:flyte:flyteadmin:0.6.109
-
cpe:2.3:a:flyte:flyteadmin:0.6.11
-
cpe:2.3:a:flyte:flyteadmin:0.6.110
-
cpe:2.3:a:flyte:flyteadmin:0.6.111
-
cpe:2.3:a:flyte:flyteadmin:0.6.112
-
cpe:2.3:a:flyte:flyteadmin:0.6.113
-
cpe:2.3:a:flyte:flyteadmin:0.6.114
-
cpe:2.3:a:flyte:flyteadmin:0.6.115
-
cpe:2.3:a:flyte:flyteadmin:0.6.116
-
cpe:2.3:a:flyte:flyteadmin:0.6.117
-
cpe:2.3:a:flyte:flyteadmin:0.6.118
-
cpe:2.3:a:flyte:flyteadmin:0.6.119
-
cpe:2.3:a:flyte:flyteadmin:0.6.12
-
cpe:2.3:a:flyte:flyteadmin:0.6.120
-
cpe:2.3:a:flyte:flyteadmin:0.6.121
-
cpe:2.3:a:flyte:flyteadmin:0.6.122
-
cpe:2.3:a:flyte:flyteadmin:0.6.123
-
cpe:2.3:a:flyte:flyteadmin:0.6.124
-
cpe:2.3:a:flyte:flyteadmin:0.6.125
-
cpe:2.3:a:flyte:flyteadmin:0.6.126
-
cpe:2.3:a:flyte:flyteadmin:0.6.127
-
cpe:2.3:a:flyte:flyteadmin:0.6.128
-
cpe:2.3:a:flyte:flyteadmin:0.6.129
-
cpe:2.3:a:flyte:flyteadmin:0.6.13
-
cpe:2.3:a:flyte:flyteadmin:0.6.130
-
cpe:2.3:a:flyte:flyteadmin:0.6.131
-
cpe:2.3:a:flyte:flyteadmin:0.6.132
-
cpe:2.3:a:flyte:flyteadmin:0.6.133
-
cpe:2.3:a:flyte:flyteadmin:0.6.134
-
cpe:2.3:a:flyte:flyteadmin:0.6.135
-
cpe:2.3:a:flyte:flyteadmin:0.6.136
-
cpe:2.3:a:flyte:flyteadmin:0.6.137
-
cpe:2.3:a:flyte:flyteadmin:0.6.138
-
cpe:2.3:a:flyte:flyteadmin:0.6.139
-
cpe:2.3:a:flyte:flyteadmin:0.6.14
-
cpe:2.3:a:flyte:flyteadmin:0.6.140
-
cpe:2.3:a:flyte:flyteadmin:0.6.141
-
cpe:2.3:a:flyte:flyteadmin:0.6.142
-
cpe:2.3:a:flyte:flyteadmin:0.6.143
-
cpe:2.3:a:flyte:flyteadmin:0.6.144
-
cpe:2.3:a:flyte:flyteadmin:0.6.145
-
cpe:2.3:a:flyte:flyteadmin:0.6.146
-
cpe:2.3:a:flyte:flyteadmin:0.6.147
-
cpe:2.3:a:flyte:flyteadmin:0.6.148
-
cpe:2.3:a:flyte:flyteadmin:0.6.149
-
cpe:2.3:a:flyte:flyteadmin:0.6.15
-
cpe:2.3:a:flyte:flyteadmin:0.6.150
-
cpe:2.3:a:flyte:flyteadmin:0.6.16
-
cpe:2.3:a:flyte:flyteadmin:0.6.17
-
cpe:2.3:a:flyte:flyteadmin:0.6.18
-
cpe:2.3:a:flyte:flyteadmin:0.6.19
-
cpe:2.3:a:flyte:flyteadmin:0.6.2
-
cpe:2.3:a:flyte:flyteadmin:0.6.20
-
cpe:2.3:a:flyte:flyteadmin:0.6.21
-
cpe:2.3:a:flyte:flyteadmin:0.6.22
-
cpe:2.3:a:flyte:flyteadmin:0.6.23
-
cpe:2.3:a:flyte:flyteadmin:0.6.24
-
cpe:2.3:a:flyte:flyteadmin:0.6.25
-
cpe:2.3:a:flyte:flyteadmin:0.6.26
-
cpe:2.3:a:flyte:flyteadmin:0.6.27
-
cpe:2.3:a:flyte:flyteadmin:0.6.28
-
cpe:2.3:a:flyte:flyteadmin:0.6.29
-
cpe:2.3:a:flyte:flyteadmin:0.6.3
-
cpe:2.3:a:flyte:flyteadmin:0.6.30
-
cpe:2.3:a:flyte:flyteadmin:0.6.31
-
cpe:2.3:a:flyte:flyteadmin:0.6.32
-
cpe:2.3:a:flyte:flyteadmin:0.6.33
-
cpe:2.3:a:flyte:flyteadmin:0.6.34
-
cpe:2.3:a:flyte:flyteadmin:0.6.35
-
cpe:2.3:a:flyte:flyteadmin:0.6.36
-
cpe:2.3:a:flyte:flyteadmin:0.6.37
-
cpe:2.3:a:flyte:flyteadmin:0.6.38
-
cpe:2.3:a:flyte:flyteadmin:0.6.39
-
cpe:2.3:a:flyte:flyteadmin:0.6.4
-
cpe:2.3:a:flyte:flyteadmin:0.6.40
-
cpe:2.3:a:flyte:flyteadmin:0.6.41
-
cpe:2.3:a:flyte:flyteadmin:0.6.42
-
cpe:2.3:a:flyte:flyteadmin:0.6.43
-
cpe:2.3:a:flyte:flyteadmin:0.6.44
-
cpe:2.3:a:flyte:flyteadmin:0.6.45
-
cpe:2.3:a:flyte:flyteadmin:0.6.46
-
cpe:2.3:a:flyte:flyteadmin:0.6.47
-
cpe:2.3:a:flyte:flyteadmin:0.6.48
-
cpe:2.3:a:flyte:flyteadmin:0.6.49
-
cpe:2.3:a:flyte:flyteadmin:0.6.5
-
cpe:2.3:a:flyte:flyteadmin:0.6.50
-
cpe:2.3:a:flyte:flyteadmin:0.6.51
-
cpe:2.3:a:flyte:flyteadmin:0.6.52
-
cpe:2.3:a:flyte:flyteadmin:0.6.53
-
cpe:2.3:a:flyte:flyteadmin:0.6.54
-
cpe:2.3:a:flyte:flyteadmin:0.6.55
-
cpe:2.3:a:flyte:flyteadmin:0.6.56
-
cpe:2.3:a:flyte:flyteadmin:0.6.57
-
cpe:2.3:a:flyte:flyteadmin:0.6.58
-
cpe:2.3:a:flyte:flyteadmin:0.6.59
-
cpe:2.3:a:flyte:flyteadmin:0.6.6
-
cpe:2.3:a:flyte:flyteadmin:0.6.60
-
cpe:2.3:a:flyte:flyteadmin:0.6.61
-
cpe:2.3:a:flyte:flyteadmin:0.6.62
-
cpe:2.3:a:flyte:flyteadmin:0.6.63
-
cpe:2.3:a:flyte:flyteadmin:0.6.64
-
cpe:2.3:a:flyte:flyteadmin:0.6.65
-
cpe:2.3:a:flyte:flyteadmin:0.6.66
-
cpe:2.3:a:flyte:flyteadmin:0.6.67
-
cpe:2.3:a:flyte:flyteadmin:0.6.68
-
cpe:2.3:a:flyte:flyteadmin:0.6.69
-
cpe:2.3:a:flyte:flyteadmin:0.6.7
-
cpe:2.3:a:flyte:flyteadmin:0.6.70
-
cpe:2.3:a:flyte:flyteadmin:0.6.71
-
cpe:2.3:a:flyte:flyteadmin:0.6.72
-
cpe:2.3:a:flyte:flyteadmin:0.6.73
-
cpe:2.3:a:flyte:flyteadmin:0.6.74
-
cpe:2.3:a:flyte:flyteadmin:0.6.75
-
cpe:2.3:a:flyte:flyteadmin:0.6.76
-
cpe:2.3:a:flyte:flyteadmin:0.6.77
-
cpe:2.3:a:flyte:flyteadmin:0.6.78
-
cpe:2.3:a:flyte:flyteadmin:0.6.79
-
cpe:2.3:a:flyte:flyteadmin:0.6.8
-
cpe:2.3:a:flyte:flyteadmin:0.6.80
-
cpe:2.3:a:flyte:flyteadmin:0.6.81
-
cpe:2.3:a:flyte:flyteadmin:0.6.82
-
cpe:2.3:a:flyte:flyteadmin:0.6.83
-
cpe:2.3:a:flyte:flyteadmin:0.6.84
-
cpe:2.3:a:flyte:flyteadmin:0.6.85
-
cpe:2.3:a:flyte:flyteadmin:0.6.86
-
cpe:2.3:a:flyte:flyteadmin:0.6.87
-
cpe:2.3:a:flyte:flyteadmin:0.6.88
-
cpe:2.3:a:flyte:flyteadmin:0.6.89
-
cpe:2.3:a:flyte:flyteadmin:0.6.9
-
cpe:2.3:a:flyte:flyteadmin:0.6.90
-
cpe:2.3:a:flyte:flyteadmin:0.6.91
-
cpe:2.3:a:flyte:flyteadmin:0.6.92
-
cpe:2.3:a:flyte:flyteadmin:0.6.93
-
cpe:2.3:a:flyte:flyteadmin:0.6.94
-
cpe:2.3:a:flyte:flyteadmin:0.6.95
-
cpe:2.3:a:flyte:flyteadmin:0.6.96
-
cpe:2.3:a:flyte:flyteadmin:0.6.97
-
cpe:2.3:a:flyte:flyteadmin:0.6.98
-
cpe:2.3:a:flyte:flyteadmin:0.6.99
-
cpe:2.3:a:flyte:flyteadmin:1.0.0
-
cpe:2.3:a:flyte:flyteadmin:1.0.1
-
cpe:2.3:a:flyte:flyteadmin:1.1.0
-
cpe:2.3:a:flyte:flyteadmin:1.1.1
-
cpe:2.3:a:flyte:flyteadmin:1.1.10
-
cpe:2.3:a:flyte:flyteadmin:1.1.11
-
cpe:2.3:a:flyte:flyteadmin:1.1.12
-
cpe:2.3:a:flyte:flyteadmin:1.1.13
-
cpe:2.3:a:flyte:flyteadmin:1.1.14
-
cpe:2.3:a:flyte:flyteadmin:1.1.15
-
cpe:2.3:a:flyte:flyteadmin:1.1.16
-
cpe:2.3:a:flyte:flyteadmin:1.1.17
-
cpe:2.3:a:flyte:flyteadmin:1.1.18
-
cpe:2.3:a:flyte:flyteadmin:1.1.19
-
cpe:2.3:a:flyte:flyteadmin:1.1.2
-
cpe:2.3:a:flyte:flyteadmin:1.1.20
-
cpe:2.3:a:flyte:flyteadmin:1.1.21
-
cpe:2.3:a:flyte:flyteadmin:1.1.22
-
cpe:2.3:a:flyte:flyteadmin:1.1.23
-
cpe:2.3:a:flyte:flyteadmin:1.1.24
-
cpe:2.3:a:flyte:flyteadmin:1.1.25
-
cpe:2.3:a:flyte:flyteadmin:1.1.26
-
cpe:2.3:a:flyte:flyteadmin:1.1.27
-
cpe:2.3:a:flyte:flyteadmin:1.1.28
-
cpe:2.3:a:flyte:flyteadmin:1.1.29
-
cpe:2.3:a:flyte:flyteadmin:1.1.3
-
cpe:2.3:a:flyte:flyteadmin:1.1.30
-
cpe:2.3:a:flyte:flyteadmin:1.1.4
-
cpe:2.3:a:flyte:flyteadmin:1.1.5
-
cpe:2.3:a:flyte:flyteadmin:1.1.6
-
cpe:2.3:a:flyte:flyteadmin:1.1.7
-
cpe:2.3:a:flyte:flyteadmin:1.1.8
-
cpe:2.3:a:flyte:flyteadmin:1.1.9