CVE-2026-46614 Overview
CVE-2026-46614 is a broken access control vulnerability [CWE-284] in Fission, an open-source Kubernetes-native serverless framework. Versions prior to 1.23.0 register internal-style routes /fission-function/<name> and /fission-function/<ns>/<name> for every Function object, regardless of whether an HTTPTrigger exists. These routes are mounted on the same listener as user-defined HTTPTriggers at svc/router port 8888. Any caller able to reach the router can invoke any function by guessing its metadata.name and namespace. The flaw bypasses host, path, method, and method-allow-list restrictions configured in HTTPTrigger objects. Maintainers patched the issue in Fission 1.23.0.
Critical Impact
Unauthenticated network attackers reaching the Fission router can invoke arbitrary functions, bypassing all HTTPTrigger access controls.
Affected Products
- Fission versions prior to 1.23.0
- Fission router component (svc/router on port 8888)
- Kubernetes clusters running vulnerable Fission deployments
Discovery Timeline
- 2026-06-10 - CVE-2026-46614 published to NVD
- 2026-06-10 - Last updated in NVD database
Technical Details for CVE-2026-46614
Vulnerability Analysis
The Fission router is the data-plane HTTP entry point for invoking serverless functions in a Fission deployment. Administrators define HTTPTrigger Custom Resources to expose functions on specific host, path, and HTTP method combinations, including method allow-lists. These triggers are the documented authorization surface for function invocation.
The router additionally registers internal-style routes for every Function object at /fission-function/<name> and /fission-function/<ns>/<name>. These routes were intended for internal use but were mounted on the same listener as user-defined triggers. Any client that can reach port 8888 can call these routes directly and execute the function logic without an HTTPTrigger.
Root Cause
The router did not separate the internal function-invocation routes from the externally reachable listener. There was no authentication or authorization check gating /fission-function/* paths. Function objects were exposed simply by existing in the cluster, which contradicts the security model implied by the HTTPTrigger resource.
Attack Vector
An attacker with network access to the Fission router sends an HTTP request to /fission-function/<namespace>/<function-name>. Function names follow Kubernetes metadata.name conventions and are often predictable or enumerable. The router resolves the Function object and invokes it, returning the function output to the attacker. Host headers, path prefixes, and method restrictions defined in HTTPTrigger objects are not consulted. Refer to the GitHub Security Advisory GHSA-3g33-6vg6-27m8 for additional technical context.
Detection Methods for CVE-2026-46614
Indicators of Compromise
- HTTP requests to the router containing the path prefix /fission-function/ from sources other than internal Fission components.
- Function executions in Fission logs without a corresponding HTTPTrigger match.
- Requests to svc/router:8888 originating from outside the cluster or from unexpected namespaces.
Detection Strategies
- Inspect router access logs and Kubernetes ingress logs for requests matching /fission-function/<name> or /fission-function/<ns>/<name> patterns.
- Compare invoked function names against the set of functions exposed by HTTPTrigger objects and alert on mismatches.
- Audit running Fission versions across clusters and flag any deployment below 1.23.0.
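As an added illustration of the first two detection strategies above (this is example code written for this page, not part of Fission or its tooling), the following Python script scans router access-log lines for the /fission-function/<name> and /fission-function/<ns>/<name> patterns and raises an alert when the request comes from outside the CIDR ranges Fission's own components live in, or when the invoked function is not exposed by any HTTPTrigger. The log line format, the trusted CIDR list, the sample log lines and the assumption that the single-segment form resolves in the "default" namespace are all constructed for the example.

```python
import ipaddress
import re
from dataclasses import dataclass

# Both route shapes the pre-1.23.0 router registers for every Function object.
# Assumption: the single-segment form resolves in the default function namespace.
FISSION_FUNCTION_RE = re.compile(
    r"^/fission-function/(?:(?P<ns>[^/?]+)/)?(?P<name>[^/?]+)(?:[/?].*)?$"
)
DEFAULT_FUNCTION_NAMESPACE = "default"

# Constructed log format (assumption): "<client_ip> <method> <path> <status>"
LOG_LINE_RE = re.compile(
    r"^(?P<ip>\S+)\s+(?P<method>[A-Z]+)\s+(?P<path>\S+)\s+(?P<status>\d{3})$"
)


@dataclass(frozen=True)
class Alert:
    source_ip: str
    namespace: str
    function: str
    reasons: tuple


def parse_function_path(path):
    """Return (namespace, name) if path is an internal function route, else None."""
    m = FISSION_FUNCTION_RE.match(path)
    if m is None:
        return None
    return (m.group("ns") or DEFAULT_FUNCTION_NAMESPACE, m.group("name"))


def analyze(log_lines, trusted_cidrs, triggered_functions):
    """Flag internal-route hits from untrusted sources or for functions with no HTTPTrigger.

    trusted_cidrs: CIDRs of Fission's own components (e.g. the pod range they run in).
    triggered_functions: set of (namespace, name) pairs exposed by HTTPTrigger objects.
    """
    trusted = [ipaddress.ip_network(c) for c in trusted_cidrs]
    alerts = []
    for line in log_lines:
        lm = LOG_LINE_RE.match(line.strip())
        if lm is None:
            continue  # unparseable line; a real pipeline would count these
        target = parse_function_path(lm.group("path"))
        if target is None:
            continue  # ordinary HTTPTrigger traffic, not the bypass route
        ns, name = target
        reasons = []
        try:
            ip = ipaddress.ip_address(lm.group("ip"))
            internal = any(ip in net for net in trusted)
        except ValueError:
            internal = False  # an unparseable client address is never trusted
        if not internal:
            reasons.append("request from untrusted source")
        if (ns, name) not in triggered_functions:
            reasons.append("function has no HTTPTrigger")
        if reasons:
            alerts.append(Alert(lm.group("ip"), ns, name, tuple(reasons)))
    return alerts


# Constructed sample input (not real log data).
SAMPLE_LOG = [
    "10.244.1.7 GET /fission-function/default/hello 200",
    "203.0.113.5 POST /fission-function/payments/charge 200",
    "203.0.113.5 GET /fission-function/hello?x=1 200",
    "203.0.113.9 GET /api/hello 200",
    "10.244.2.3 GET /fission-function/internal/cron-job 200",
]
TRUSTED_CIDRS = ["10.244.0.0/16"]
TRIGGERED_FUNCTIONS = {("default", "hello")}

if __name__ == "__main__":
    for a in analyze(SAMPLE_LOG, TRUSTED_CIDRS, TRIGGERED_FUNCTIONS):
        print(f"{a.source_ip} -> {a.namespace}/{a.function}: {', '.join(a.reasons)}")
```

The trusted-source check and the HTTPTrigger check are deliberately independent: a hit from a trusted pod on a function nobody exposed is still worth a look, because it may be a compromised workload rather than a Fission component.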
Monitoring Recommendations
- Forward Fission router logs to a central analytics platform and build queries on the /fission-function/ path prefix.
- Monitor egress and lateral traffic to port 8888 of the router service from unexpected pods or external IPs.
- Track creation of new Function objects and correlate against HTTPTrigger definitions to identify exposure drift.
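To show the version audit and the Function-versus-HTTPTrigger correlation ("exposure drift") in working code, here is an added Python example that is not part of Fission. It takes Function and HTTPTrigger objects in the shape kubectl prints with -o json and lists every Function that no HTTPTrigger references, alongside a check of the router version against the 1.23.0 fix. The CRD field layout used (metadata.namespace, metadata.name, spec.functionref.type and spec.functionref.name, with a trigger assumed to reference a Function in its own namespace) and the sample objects are assumptions made for this example.

```python
import re

# Assumed CRD shapes (fields as seen in `kubectl get -o json`):
#   Function:    metadata.namespace, metadata.name
#   HTTPTrigger: metadata.namespace, spec.functionref.{type,name}
# An HTTPTrigger with functionref.type "name" is assumed to reference a Function
# in the trigger's own namespace.

VERSION_RE = re.compile(r"^v?(\d+)\.(\d+)(?:\.(\d+))?(?:-(?P<pre>[0-9A-Za-z.]+))?$")
FIXED_VERSION = (1, 23, 0)


def is_vulnerable_version(version):
    """True if the Fission version string is below the 1.23.0 fix."""
    m = VERSION_RE.match(version.strip())
    if m is None:
        raise ValueError(f"unrecognised version string: {version!r}")
    parts = tuple(int(p or 0) for p in m.groups()[:3])
    if parts < FIXED_VERSION:
        return True
    # A pre-release of the fixed version (e.g. 1.23.0-rc1) predates the fix.
    return parts == FIXED_VERSION and bool(m.group("pre"))


def functions_without_triggers(functions, httptriggers):
    """Return sorted (namespace, name) pairs for Functions no HTTPTrigger exposes.

    On a vulnerable router every one of these is still reachable on the
    /fission-function/ route, so this is the exposure-drift list to review.
    """
    exposed = set()
    for t in httptriggers:
        ref = t.get("spec", {}).get("functionref", {})
        if ref.get("type", "name") == "name" and ref.get("name"):
            exposed.add((t["metadata"]["namespace"], ref["name"]))
    all_functions = {
        (f["metadata"]["namespace"], f["metadata"]["name"]) for f in functions
    }
    return sorted(all_functions - exposed)


def audit(functions, httptriggers, router_version):
    """Combine the version check and the drift list into one report dict."""
    return {
        "router_version": router_version,
        "vulnerable": is_vulnerable_version(router_version),
        "functions_without_httptrigger": functions_without_triggers(functions, httptriggers),
    }


# Constructed sample objects, trimmed to the fields used above.
SAMPLE_FUNCTIONS = [
    {"metadata": {"namespace": "default", "name": "hello"}},
    {"metadata": {"namespace": "default", "name": "cleanup"}},
    {"metadata": {"namespace": "payments", "name": "charge"}},
]
SAMPLE_HTTPTRIGGERS = [
    {
        "metadata": {"namespace": "default", "name": "hello-get"},
        "spec": {
            "functionref": {"type": "name", "name": "hello"},
            "relativeurl": "/api/hello",
            "methods": ["GET"],
        },
    }
]

if __name__ == "__main__":
    print(audit(SAMPLE_FUNCTIONS, SAMPLE_HTTPTRIGGERS, "1.22.0"))
```

Run this on a schedule (or from an admission/GitOps check) and the drift list changes only when someone creates a Function without a matching HTTPTrigger, which is exactly the event the monitoring recommendation above wants surfaced.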
How to Mitigate CVE-2026-46614
Immediate Actions Required
- Upgrade Fission to version 1.23.0 or later in all clusters.
- Restrict network access to the Fission router service (svc/router, port 8888) to trusted ingress controllers and namespaces only.
- Review all existing Function objects and remove any that are not intended to be invocable.
Patch Information
Fission 1.23.0 removes the unauthenticated /fission-function/* exposure on the public listener. The relevant code changes are tracked in GitHub Pull Request #3365 and GitHub Pull Request #3369. Release notes are available in the GitHub Release v1.23.0.
Workarounds
- Apply a Kubernetes NetworkPolicy that limits ingress to the router pod to authorized clients only.
- Place an authenticating reverse proxy or service mesh in front of the router and block requests matching the /fission-function/ path prefix.
- Move Function objects to namespaces with restricted RBAC and unpredictable names to reduce enumeration risk until patching is complete.
# Example NetworkPolicy restricting router ingress to a specific namespace
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: fission-router-restrict
  namespace: fission
spec:
  podSelector:
    matchLabels:
      svc: router
  policyTypes:
    - Ingress
  ingress:
    - from:
        - namespaceSelector:
            matchLabels:
              name: ingress-nginx
      ports:
        - protocol: TCP
          port: 8888
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.