Lucene search
CVE-2023-30840
Fluid, Kubernetes-native distributed dataset orchestrator, allows attacker to manipulate system-level-privileged components to access all secrets and execute pods on other nodes. Fix in 0.8.6
Show more
| Reporter | Title | Published | Views | Family All 9 |
|---|---|---|---|---|
 | GO-2023-1763 On a compromised node, the fluid-csi service account can be used to modify node specs in github.com/fluid-cloudnative/fluid | 20 Aug 202420:29 | – | osv |
| CVE-2023-30840 | 8 May 202318:15 | – | osv |
| On a compromised node, the fluid-csi service account can be used to modify node specs | 9 May 202319:58 | – | osv |
 | Privilege Escalation | 11 May 202304:47 | – | veracode |
 | CVE-2023-30840 On a compromised node, the fluid-csi service account can be used to modify node specs | 8 May 202317:45 | – | cvelist |
 | Code injection | 8 May 202318:15 | – | prion |
 | On a compromised node, the fluid-csi service account can be used to modify node specs | 9 May 202319:58 | – | github |
 | CVE-2023-30840 On a compromised node, the fluid-csi service account can be used to modify node specs | 8 May 202317:45 | – | vulnrichment |
 | CVE-2023-30840 | 8 May 202318:15 | – | nvd |
Node
[
{
"vendor": "fluid-cloudnative",
"product": "fluid",
"versions": [
{
"version": ">= 0.7.0, < 0.8.6",
"status": "affected"
}
]
}
]Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo08 May 2023 18:15Current
6.6Medium risk
Vulners AI Score6.6
CVSS35.8 - 7.8
EPSS0.00042
SSVC