Harbor Enables Privilege Escalation From Zero to admin

Nash N Sulthan
Published on
16 Jun 2021

VMware Harbor Registry is for store and distribute container images, It is an enterprise class registry server. By submitting a malicious message to Harbor registries, attackers will gain control of them. Non-admin users can create admin accounts in Harbor 1.7.0 or 1.8.2 by using the POST /api/users API; this is allowed by core/api/user.go.

Impacted Products

  • VMware Cloud Foundation
  • VMware Harbor Container Registry for PCF How to determine if the product has been threatened:
  • You are using database authentication.
  • You’ve allowed self-registration.

Mitigation / Precaution

  • If your product relies on Harbor, you must immediately update to 1.7.6/1.8.3.
  • In your Harbor Container Registry, disable self-registration for consumers.
  • Instead of using DB authentication, use a different identity provider (such as an LDAP store).
Automated human-like penetration testing for your web apps & APIs
Teams using Beagle Security are set up in minutes, embrace release-based CI/CD security testing and save up to 65% with timely remediation of vulnerabilities. Sign up for a free account to see what it can do for you.

Written by
Nash N Sulthan
Nash N Sulthan
Cyber Security Lead Engineer
Find website security issues in a flash
Improve your website's security posture with proactive vulnerability detection.
Free website security assessment