Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatcveRedhat.comRH:CVE-2024-3744
HistoryMay 15, 2024 - 4:27 a.m.

CVE-2024-3744

2024-05-1504:27:59
redhat.com
access.redhat.com
4
azure
csi driver
service account tokens
cloud vault solutions
log level 2

6.2 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

8.7%

JSON

A flaw was found in azure-file-csi-driver. Anyone with access to the driver logs could observe service account tokens. These tokens could then potentially be exchanged with external cloud providers to access secrets stored in cloud vault solutions.

Related

osv 1
cvelist 1
veracode 1
cve 1
github 1
osv
osv
azure-file-csi-driver leaks service account tokens in the logs
2024-05-15 03:30:43
cvelist
cvelist
CVE-2024-3744 Kubernetes azure-file-csi-driver in versions before 1.29.4 and 1.30.1 discloses service account tokens in logs
2024-05-15 00:42:36
veracode
veracode
Sensitive Information Disclosure
2024-05-16 07:30:43
cve
cve
CVE-2024-3744
2024-05-15 01:15:07
github
github
azure-file-csi-driver leaks service account tokens in the logs
2024-05-15 03:30:43

6.2 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

8.7%

JSON
Related for RH:CVE-2024-3744
osv1cvelist1veracode1cve1github1