Lucene search
+L

168 matches found

susecve
susecve
added 2024/12/23 4:4 a.m.6 views

SUSE CVE-2024-9779

A flaw was found in Open Cluster Management OCM when a user has access to the worker nodes which contain the cluster-manager or klusterlet deployments. The cluster-manager deployment uses a service account with the same name "cluster-manager" which is bound to a ClusterRole also named...

7.5CVSS6.6AI score0.00447EPSS
Exploits0References4
osv
osv
added 2024/12/18 12:31 a.m.7 views

GHSA-JHH6-6FHP-Q2XP Open Cluster Management vulnerable to Trust Boundary Violation

A flaw was found in Open Cluster Management OCM when a user has access to the worker nodes which contain the cluster-manager or klusterlet deployments. The cluster-manager deployment uses a service account with the same name "cluster-manager" which is bound to a ClusterRole also named...

7.5CVSS7.4AI score0.00447EPSS
Exploits0References7
github
github
added 2024/12/18 12:31 a.m.12 views

Open Cluster Management vulnerable to Trust Boundary Violation

A flaw was found in Open Cluster Management OCM when a user has access to the worker nodes which contain the cluster-manager or klusterlet deployments. The cluster-manager deployment uses a service account with the same name "cluster-manager" which is bound to a ClusterRole also named...

7.5CVSS6.6AI score0.00447EPSS
Exploits0References7Affected Software1
nvd
nvd
added 2024/12/17 11:15 p.m.13 views

CVE-2024-9779

A flaw was found in Open Cluster Management OCM when a user has access to the worker nodes which contain the cluster-manager or klusterlet deployments. The cluster-manager deployment uses a service account with the same name "cluster-manager" which is bound to a ClusterRole also named...

7.5CVSS0.00447EPSS
Exploits0References5
osv
osv
added 2024/12/17 10:59 p.m.6 views

CVE-2024-9779 Open-cluster-management-io/ocm: cluster-manager permissions may allow a worker node to obtain service account tokens

A flaw was found in Open Cluster Management OCM when a user has access to the worker nodes which contain the cluster-manager or klusterlet deployments. The cluster-manager deployment uses a service account with the same name "cluster-manager" which is bound to a ClusterRole also named...

7.5CVSS7AI score0.00447EPSS
Exploits0References9
cve
cve
added 2024/12/17 10:59 p.m.49 views

CVE-2024-9779

CVE-2024-9779 – Open Cluster Management (OCM) is described across OSV/GHSA entries as a trust-boundary vulnerability in the cluster-manager workflow. The issue arises when a worker-node host runs the cluster-manager pod using a service account named “cluster-manager” bound to a ClusterRole that i...

7.5CVSS7.4AI score0.00447EPSS
Exploits0References5
vulnrichment
vulnrichment
added 2024/12/17 10:59 p.m.18 views

CVE-2024-9779 Open-cluster-management-io/ocm: cluster-manager permissions may allow a worker node to obtain service account tokens

A flaw was found in Open Cluster Management OCM when a user has access to the worker nodes which contain the cluster-manager or klusterlet deployments. The cluster-manager deployment uses a service account with the same name "cluster-manager" which is bound to a ClusterRole also named...

7.5CVSS6.7AI score0.00447EPSS
Exploits0References5
cvelist
cvelist
added 2024/12/17 10:59 p.m.23 views

CVE-2024-9779 Open-cluster-management-io/ocm: cluster-manager permissions may allow a worker node to obtain service account tokens

A flaw was found in Open Cluster Management OCM when a user has access to the worker nodes which contain the cluster-manager or klusterlet deployments. The cluster-manager deployment uses a service account with the same name "cluster-manager" which is bound to a ClusterRole also named...

7.5CVSS0.00447EPSS
Exploits0References5
ptsecurity
ptsecurity
added 2024/12/17 12:0 a.m.12 views

PT-2024-39837 · Unknown +1 · Open Cluster Management +1

Name of the Vulnerable Software and Affected Versions: Open Cluster Management OCM affected versions not specified Description: A flaw was found in Open Cluster Management OCM when a user has access to the worker nodes which contain the cluster-manager or klusterlet deployments. The cluster-manag...

9.9CVSS6AI score0.75197EPSS
Exploits5References66
cnnvd
cnnvd
added 2024/12/17 12:0 a.m.6 views

Open Cluster Management 安全漏洞

Open Cluster Management OCM is a community-driven project of Open Cluster Management open source. Focused on multi-cluster and multi-cloud scenarios for Kubernetes applications. A security vulnerability exists in Open Cluster Management that stems from a vulnerability found in Open Cluster...

7.5CVSS7.2AI score0.00447EPSS
Exploits0References6
nvd
nvd
added 2024/12/06 8:15 p.m.16 views

CVE-2024-0139

NVIDIA Base Command Manager and Bright Cluster Manager for Linux contain an insecure temporary file vulnerability. A successful exploit of this vulnerability might lead to denial of service...

4.4CVSS0.00128EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2024/12/06 7:37 p.m.9 views

CVE-2024-0139

NVIDIA Base Command Manager and Bright Cluster Manager for Linux contain an insecure temporary file vulnerability. A successful exploit of this vulnerability might lead to denial of service...

4.4CVSS6.9AI score0.00128EPSS
Exploits0References1
cvelist
cvelist
added 2024/12/06 7:37 p.m.27 views

CVE-2024-0139

NVIDIA Base Command Manager and Bright Cluster Manager for Linux contain an insecure temporary file vulnerability. A successful exploit of this vulnerability might lead to denial of service...

4.4CVSS0.00128EPSS
Exploits0References1
cnnvd
cnnvd
added 2024/12/06 12:0 a.m.4 views

NVIDIA Base Command Manager和NVIDIA Bright Cluster Manager 安全漏洞

NVIDIA Base Command Manager and NVIDIA Bright Cluster Manager are both products of NVIDIA Corporation.NVIDIA Base Command Manager is a base command manager.NVIDIA Bright Cluster Manager is a cluster manager. NVIDIA Bright Cluster Manager is a cluster manager. NVIDIA Bright Cluster Manager is a...

4.4CVSS6.7AI score0.00128EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2024/12/06 12:0 a.m.8 views

PT-2024-15358 · Nvidia +1 · Nvidia Base Command Manager +1

Name of the Vulnerable Software and Affected Versions: NVIDIA Base Command Manager and Bright Cluster Manager for Linux affected versions not specified Description: The issue is related to an insecure temporary file vulnerability. A successful exploit of this vulnerability might lead to denial of...

4.4CVSS6.9AI score0.00128EPSS
Exploits0References4
redhatcve
redhatcve
added 2024/10/10 9:0 p.m.10 views

CVE-2024-9779

A flaw was found in Open Cluster Management OCM when a user has access to the worker nodes which contain the cluster-manager or klusterlet deployments. The cluster-manager deployment uses a service account with the same name "cluster-manager" which is bound to a ClusterRole also named...

7.5CVSS6.5AI score0.00447EPSS
Exploits0References6
cnnvd
cnnvd
added 2024/07/26 12:0 a.m.5 views

Severalnines Cluster Control 安全漏洞

Severalnines Cluster Control is agentless management and automation software for database clusters from Severalnines. Severalnines Cluster Control versions 1.9.8 prior to 1.9.8-9778, 2.0.0 prior to 2.0.0-9779, and 2.1.0 prior to 2.1.0-9780 have a security vulnerability that originates from the...

7.5CVSS9AI score0.06464EPSS
Exploits1References5
susecve
susecve
added 2024/06/16 4:19 a.m.10 views

SUSE CVE-2023-6710

A flaw was found in the modproxycluster in the Apache server. This issue may allow a malicious user to add a script in the 'alias' parameter in the URL to trigger the stored cross-site scripting XSS vulnerability. By adding a script on the alias parameter on the URL, it adds a new virtual host an...

5.4CVSS5.7AI score0.02242EPSS
Exploits5References2
nessus
nessus
added 2024/06/06 12:0 a.m.22 views

RHEL 9 : booth (RHSA-2024:3660)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3660 advisory. The Booth cluster ticket manager is a component to bridge high availability clusters spanning multiple sites, in particular, to provide decision inpu...

5.9CVSS5.8AI score0.00535EPSS
Exploits0References4
nessus
nessus
added 2024/06/06 12:0 a.m.16 views

RHEL 8 : booth (RHSA-2024:3658)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3658 advisory. The Booth cluster ticket manager is a component to bridge high availability clusters spanning multiple sites, in particular, to provide decision inpu...

5.9CVSS5.8AI score0.00535EPSS
Exploits0References4
Rows per page
Query Builder