5 matches found
CVE-2024-45054
Hwameistor is an HA local storage system for cloud-native stateful workloads. This ClusterRole has verbs of resources. If a malicious user can access the worker node which has hwameistor's deployment, he/she can abuse these excessive permissions to do whatever he/she likes to the whole cluster,...
CVE-2024-45054
creationtimestamp| type| source ---|---|--- 2024-08-28 22:39:23+00:00| seen| https://t.me/cvedetector/4350...
CVE-2024-45054
CVE-2024-45054 affects Hwameistor’s clusterrole permissions, allowing a user with access to a worker node to abuse excessive privileges and achieve cluster‑level privilege escalation. Multiple connected sources confirm the issue and point to a fix in Hwameistor v0.14.6. Impact is limited to misco...
CVE-2024-45054 Potential Permission Leakage of Cluster Level in hwameistor
Hwameistor is an HA local storage system for cloud-native stateful workloads. This ClusterRole has verbs of resources. If a malicious user can access the worker node which has hwameistor's deployment, he/she can abuse these excessive permissions to do whatever he/she likes to the whole cluster,...
CVE-2024-45054 Potential Permission Leakage of Cluster Level in hwameistor
Hwameistor is an HA local storage system for cloud-native stateful workloads. This ClusterRole has verbs of resources. If a malicious user can access the worker node which has hwameistor's deployment, he/she can abuse these excessive permissions to do whatever he/she likes to the whole cluster,...