168 matches found
SUSE CVE-2024-9779
A flaw was found in Open Cluster Management OCM when a user has access to the worker nodes which contain the cluster-manager or klusterlet deployments. The cluster-manager deployment uses a service account with the same name "cluster-manager" which is bound to a ClusterRole also named...
GHSA-JHH6-6FHP-Q2XP Open Cluster Management vulnerable to Trust Boundary Violation
A flaw was found in Open Cluster Management OCM when a user has access to the worker nodes which contain the cluster-manager or klusterlet deployments. The cluster-manager deployment uses a service account with the same name "cluster-manager" which is bound to a ClusterRole also named...
Open Cluster Management vulnerable to Trust Boundary Violation
A flaw was found in Open Cluster Management OCM when a user has access to the worker nodes which contain the cluster-manager or klusterlet deployments. The cluster-manager deployment uses a service account with the same name "cluster-manager" which is bound to a ClusterRole also named...
CVE-2024-9779
A flaw was found in Open Cluster Management OCM when a user has access to the worker nodes which contain the cluster-manager or klusterlet deployments. The cluster-manager deployment uses a service account with the same name "cluster-manager" which is bound to a ClusterRole also named...
CVE-2024-9779 Open-cluster-management-io/ocm: cluster-manager permissions may allow a worker node to obtain service account tokens
A flaw was found in Open Cluster Management OCM when a user has access to the worker nodes which contain the cluster-manager or klusterlet deployments. The cluster-manager deployment uses a service account with the same name "cluster-manager" which is bound to a ClusterRole also named...
CVE-2024-9779
CVE-2024-9779 – Open Cluster Management (OCM) is described across OSV/GHSA entries as a trust-boundary vulnerability in the cluster-manager workflow. The issue arises when a worker-node host runs the cluster-manager pod using a service account named “cluster-manager” bound to a ClusterRole that i...
CVE-2024-9779 Open-cluster-management-io/ocm: cluster-manager permissions may allow a worker node to obtain service account tokens
A flaw was found in Open Cluster Management OCM when a user has access to the worker nodes which contain the cluster-manager or klusterlet deployments. The cluster-manager deployment uses a service account with the same name "cluster-manager" which is bound to a ClusterRole also named...
CVE-2024-9779 Open-cluster-management-io/ocm: cluster-manager permissions may allow a worker node to obtain service account tokens
A flaw was found in Open Cluster Management OCM when a user has access to the worker nodes which contain the cluster-manager or klusterlet deployments. The cluster-manager deployment uses a service account with the same name "cluster-manager" which is bound to a ClusterRole also named...
PT-2024-39837 · Unknown +1 · Open Cluster Management +1
Name of the Vulnerable Software and Affected Versions: Open Cluster Management OCM affected versions not specified Description: A flaw was found in Open Cluster Management OCM when a user has access to the worker nodes which contain the cluster-manager or klusterlet deployments. The cluster-manag...
Open Cluster Management 安全漏洞
Open Cluster Management OCM is a community-driven project of Open Cluster Management open source. Focused on multi-cluster and multi-cloud scenarios for Kubernetes applications. A security vulnerability exists in Open Cluster Management that stems from a vulnerability found in Open Cluster...
CVE-2024-0139
NVIDIA Base Command Manager and Bright Cluster Manager for Linux contain an insecure temporary file vulnerability. A successful exploit of this vulnerability might lead to denial of service...
CVE-2024-0139
NVIDIA Base Command Manager and Bright Cluster Manager for Linux contain an insecure temporary file vulnerability. A successful exploit of this vulnerability might lead to denial of service...
CVE-2024-0139
NVIDIA Base Command Manager and Bright Cluster Manager for Linux contain an insecure temporary file vulnerability. A successful exploit of this vulnerability might lead to denial of service...
NVIDIA Base Command Manager和NVIDIA Bright Cluster Manager 安全漏洞
NVIDIA Base Command Manager and NVIDIA Bright Cluster Manager are both products of NVIDIA Corporation.NVIDIA Base Command Manager is a base command manager.NVIDIA Bright Cluster Manager is a cluster manager. NVIDIA Bright Cluster Manager is a cluster manager. NVIDIA Bright Cluster Manager is a...
PT-2024-15358 · Nvidia +1 · Nvidia Base Command Manager +1
Name of the Vulnerable Software and Affected Versions: NVIDIA Base Command Manager and Bright Cluster Manager for Linux affected versions not specified Description: The issue is related to an insecure temporary file vulnerability. A successful exploit of this vulnerability might lead to denial of...
CVE-2024-9779
A flaw was found in Open Cluster Management OCM when a user has access to the worker nodes which contain the cluster-manager or klusterlet deployments. The cluster-manager deployment uses a service account with the same name "cluster-manager" which is bound to a ClusterRole also named...
Severalnines Cluster Control 安全漏洞
Severalnines Cluster Control is agentless management and automation software for database clusters from Severalnines. Severalnines Cluster Control versions 1.9.8 prior to 1.9.8-9778, 2.0.0 prior to 2.0.0-9779, and 2.1.0 prior to 2.1.0-9780 have a security vulnerability that originates from the...
SUSE CVE-2023-6710
A flaw was found in the modproxycluster in the Apache server. This issue may allow a malicious user to add a script in the 'alias' parameter in the URL to trigger the stored cross-site scripting XSS vulnerability. By adding a script on the alias parameter on the URL, it adds a new virtual host an...
RHEL 9 : booth (RHSA-2024:3660)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3660 advisory. The Booth cluster ticket manager is a component to bridge high availability clusters spanning multiple sites, in particular, to provide decision inpu...
RHEL 8 : booth (RHSA-2024:3658)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3658 advisory. The Booth cluster ticket manager is a component to bridge high availability clusters spanning multiple sites, in particular, to provide decision inpu...