Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistMitreCVELIST:CVE-2024-33398
HistoryMay 03, 2024 - 12:00 a.m.

CVE-2024-33398

2024-05-0300:00:00
mitre
www.cve.org
2
cve-2024-33398
clusterrole
privilege escalation

AI Score

6.4

Confidence

Low

EPSS

0

Percentile

15.5%

JSON

There is a ClusterRole in piraeus-operator v2.5.0 and earlier which has been granted list secrets permission, which allows an attacker to impersonate the service account bound to this ClusterRole and use its high-risk privileges to list confidential information across the cluster.

Related

cve 1
osv 2
veracode 1
vulnrichment 1
nvd 1
github 1
cve
cve
CVE-2024-33398
2024-05-03 16:15:11
osv
osv
piraeus-operator allows attacker to impersonate service account
2024-05-03 18:30:36
piraeus-operator allows attacker to impersonate service account in github.com/piraeusdatastore/piraeus-operator
2024-06-05 15:10:42
veracode
veracode
Improper Access Control
2024-05-07 06:45:54
vulnrichment
vulnrichment
CVE-2024-33398
2024-05-03 00:00:00
nvd
nvd
CVE-2024-33398
2024-05-03 16:15:11
github
github
piraeus-operator allows attacker to impersonate service account
2024-05-03 18:30:36

AI Score

6.4

Confidence

Low

EPSS

0

Percentile

15.5%

JSON
Related for CVELIST:CVE-2024-33398
cve1osv2veracode1vulnrichment1nvd1github1