38 matches found

Veracode
added 2023/04/19 4:24 p.m. · 17 views

Privilege Escalation

CubeFS is vulnerable to Privilege Escalation. The vulnerability is due to not restricting/restraining the secrets which are accessed by DaemonSet of CubeFS. This can lead to an attacker controlling a worker node to make a cluster-level privilege escalation by leveraging the pod controlled by...

CVSS 6.5 · AI score 6.5 · EPSS 0.00175
Exploits 1 · References 4 · Affected Software 1
OSV
added 2023/04/12 6:30 a.m. · 23 views

GHSA-9337-8C6C-C2XG CubeFS allows Kubernetes cluster-level privilege escalation

CubeFS through 3.2.1 allows Kubernetes cluster-level privilege escalation. This occurs because DaemonSet has cfs-csi-cluster-role and can thus list all secrets, including the admin secret...

CVSS 6.5 · AI score 6.4 · EPSS 0.00175
Exploits 1 · References 3
GitHub Security Blog
added 2023/04/12 6:30 a.m. · 28 views

CubeFS allows Kubernetes cluster-level privilege escalation

CubeFS through 3.2.1 allows Kubernetes cluster-level privilege escalation. This occurs because DaemonSet has cfs-csi-cluster-role and can thus list all secrets, including the admin secret...

CVSS 6.5 · AI score 6.4 · EPSS 0.00175
Exploits 1 · References 3 · Affected Software 1
NVD
added 2023/04/12 6:15 a.m. · 12 views

CVE-2023-30512

CubeFS through 3.2.1 allows Kubernetes cluster-level privilege escalation. This occurs because DaemonSet has cfs-csi-cluster-role and can thus list all secrets, including the admin secret...

CVSS 6.5 · AI score 6.6 · EPSS 0.00175
Exploits 1 · References 1
OSV
added 2023/04/12 6:15 a.m. · 13 views

CVE-2023-30512

CubeFS through 3.2.1 allows Kubernetes cluster-level privilege escalation. This occurs because DaemonSet has cfs-csi-cluster-role and can thus list all secrets, including the admin secret...

CVSS 6.5 · AI score 6.7
Exploits 0 · References 1
Prion
added 2023/04/12 6:15 a.m. · 17 views

Privilege escalation

CubeFS through 3.2.1 allows Kubernetes cluster-level privilege escalation. This occurs because DaemonSet has cfs-csi-cluster-role and can thus list all secrets, including the admin secret...

CVSS 4 · AI score 6.5 · EPSS 0.00175
Exploits 1 · References 1 · Affected Software 1
CVE
added 2023/04/12 12:00 a.m. · 57 views

CVE-2023-30512

CubeFS

CVSS 6.5 · AI score 6.5 · EPSS 0.00175
Exploits 1 · References 1 · Affected Software 1
Positive Technologies
added 2023/04/12 12:00 a.m. · 4 views

PT-2023-7482 · Cubefs · Cubefs

Name of the Vulnerable Software and Affected Versions: CubeFS versions 3.2.1 and earlier

Description: The issue is related to incorrect permission assignment for a critical resource in CubeFS, a cloud data storage system. This can allow a remote attacker to gain unauthorized access to the device...

CVSS 6.8 · AI score 7.4 · EPSS 0.00175
Exploits 1 · References 11
CNNVD
added 2023/04/12 12:00 a.m. · 3 views

CubeFS Security Vulnerability

CubeFS is a cloud-native file storage for CubeFS individual developers. A security vulnerability exists in CubeFS versions prior to 3.2.1, which stems from DaemonSet having cfs-csi-cluster-role that lists all passwords, including the administrator password...

CVSS 6.5 · AI score 6.4 · EPSS 0.00175
Exploits 1 · References 2
Vulnrichment
added 2023/04/12 12:00 a.m. · 6 views

CVE-2023-30512

CubeFS through 3.2.1 allows Kubernetes cluster-level privilege escalation. This occurs because DaemonSet has cfs-csi-cluster-role and can thus list all secrets, including the admin secret...

AI score 7.3 · EPSS 0.00175
Exploits 1 · References 1
The Hacker News
added 2023/03/15 10:11 a.m. · 2 views

New Cryptojacking Operation Targeting Kubernetes Clusters for Dero Mining

Cybersecurity researchers have discovered the first-ever illicit cryptocurrency mining campaign used to mint Dero since the start of February 2023. "The novel Dero cryptojacking operation concentrates on locating Kubernetes clusters with anonymous access enabled on a Kubernetes API and listening ...

AI score 6.9
Exploits 0
The Hacker News
added 2023/03/15 10:11 a.m. · 77 views

New Cryptojacking Operation Targeting Kubernetes Clusters for Dero Mining

Cybersecurity researchers have discovered the first-ever illicit cryptocurrency mining campaign used to mint Dero since the start of February 2023. "The novel Dero cryptojacking operation concentrates on locating Kubernetes clusters with anonymous access enabled on a Kubernetes API and listening ...

AI score 1
Exploits 0
GithubExploit
added 2022/03/25 7:43 p.m. · 1206 views

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Linuxfoundation Containerd

PoC for CVE-2022-23648 This is a proof of concept for @fel...

CVSS 7.5 · AI score 7.8 · EPSS 0.06046
Exploits 4
Prion
added 2021/01/20 10:15 p.m. · 19 views

Design/Logic Flaw

Weave Net is open source software which creates a virtual network that connects Docker containers across multiple hosts and enables their automatic discovery. Weave Net before version 2.8.0 has a vulnerability which can allow an attacker to take over any host in the cluster. Weave Net is...

CVSS 7.9 · AI score 7.9 · EPSS 0.00158
Exploits 0 · References 4 · Affected Software 1
Veracode
added 2019/05/16 2:16 a.m. · 22 views

Information Disclosure

Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 3.11.51. See the following advisory for the container...

CVSS 7.8 · AI score 7.4 · EPSS 0.93773
Exploits 4 · References 24 · Affected Software 22
Veracode
added 2019/05/16 2:16 a.m. · 19 views

Session Fixation

Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 3.11.51. See the following advisory for the container...

CVSS 5.4 · AI score 5.6 · EPSS 0.93773
Exploits 4 · References 24 · Affected Software 22
Veracode
added 2019/05/16 2:16 a.m. · 24 views

Remote Code Execution (RCE)

Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 3.11.51. See the following advisory for the container...

CVSS 6.5 · AI score 6.6 · EPSS 0.93773
Exploits 4 · References 24 · Affected Software 22
Veracode
added 2019/05/16 2:16 a.m. · 22 views

Cross-Site Scripting (XSS)

Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 3.11.51. See the following advisory for the container...

CVSS 6.1 · AI score 6.3 · EPSS 0.93773
Exploits 4 · References 24 · Affected Software 22