| Description | Severity | Notes |
|---|---|---|
ServiceAccount token disclosure via Azure IPAM CNI plugin logsReference: TTA-2026-002, CVE-2026-41185 Date published: May 27, 2026 |
Medium | N/A |
Summary
When Calico is configured with the Azure IPAM plugin, the Calico CNI binary mutates the incoming CNI configuration to attach subnet information before delegating to the IPAM plugin. After mutating, the Azure IPAM helper logs the entire unmarshaled configuration map (stdinData) at INFO level to /var/log/calico/cni/cni.log on every CNI ADD and DEL invocation — once per pod scheduled or terminated on the node. When the cluster is deployed using token-based Kubernetes authentication, this log entry contains the ServiceAccount token, client key, and certificate authority in plaintext. Any principal with read access to /var/log/calico/cni/cni.log on a node can read these logs and extract the credentials, which grant cluster-wide Calico networking admin privileges.
Severity
CVSSv4.0: 6.0 (Medium)
Vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:L/SA:L
Only deployments using the Azure IPAM plugin with token-based Kubernetes authentication are exposed. The attack requires read access to the CNI plugin log file /var/log/calico/cni/cni.log on a node (for example via SSH, a privileged hostPath pod, or a downstream log-aggregation system that scrapes node logs) and a successful match of the leaked token; once obtained, the token grants cluster-wide Calico networking admin privileges, enabling traffic redirection, policy bypass, and lateral movement.
References
Weakness Enumeration
CWE-532: Insertion of Sensitive Information into Log File
CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
Impact
CAPEC-150: Collect Data from Common Resource Locations
Indicators of Impact/Compromise
- Presence of the strings k8s_auth_token, k8s_client_key, or k8s_certificate_authority in /var/log/calico/cni/cni.log on any node running an affected version with the Azure IPAM plugin enabled.
- Unexpected reads of /var/log/calico/cni/cni.log on nodes, unexpected hostPath pods mounting /var/log/, or log-store queries matching “Updated CNI network configuration for Azure” from non-admin identities.
- Calico API server or calicoctl requests authenticated as the calico-node ServiceAccount originating from unexpected source IPs, pods, or workloads.
Workaround/Mitigation
Restrict read access to /var/log/calico/cni/cni.log on nodes. Replace k8s_auth_token with kubeconfig in the affected CNI ConfigMap, rotate the SA token / client key / CA, and upgrade.
Affected Releases
- Calico Open Source
- All versions prior to v3.32.0
- Calico Enterprise
- All versions prior to v3.21.7
- Prior to v3.22.3 on the v3.22 line
- Calico Cloud
- All versions prior to v22.4.0
Only deployments using the Azure IPAM plugin with token-based Kubernetes authentication are exposed.
Fixed Versions
- Calico Open Source
- v3.32.0 and later
- Calico Enterprise
- v3.21.7 and later on the v3.21 line
- v3.22.3 and later on the v3.22 line
- Calico Cloud
- v22.4.0 and later
Acknowledgments
We would like to thank the following individuals:
- Behnam Shobiri — Finder and Remediation Developer
- Anthony Tam — Remediation Reviewer
- Casey Davenport — Remediation Verifier
- Matt Dupre — Remediation Reviewer
