4 matches found
CVE-2026-6389
IBM Turbonomic Prometurbo agent (application resource management) versions 8.16.0–8.17.6 expose cluster‑wide permissions, including unrestricted read access to all secrets. This enables an attacker with operator/service account access to exfiltrate credentials, escalate privileges, and potentiall...
CVE-2026-6389 IBM Turbonomic Prometurbo agent used by IBM Turbonomic Application Resource Management is affected by a single vulnerability
IBM Turbonomic prometurbo agent 8.16.0 through 8.17.6 IBM Turbonomic Application Resource Management grants excessive cluster‑wide permissions, including unrestricted read access to all secrets. An attacker that compromises the operator or its service account can exfiltrate sensitive credentials,...
CVE-2026-6389
IBM Turbonomic prometurbo agent 8.16.0 through 8.17.6 IBM Turbonomic Application Resource Management grants excessive cluster‑wide permissions, including unrestricted read access to all secrets. An attacker that compromises the operator or its service account can exfiltrate sensitive credentials,...
CVE-2025-10725 Openshift-ai: overly permissive clusterrole allows authenticated users to escalate privileges to cluster admin
A flaw was found in Red Hat Openshift AI Service. A low-privileged attacker with access to an authenticated account, for example as a data scientist using a standard Jupyter notebook, can escalate their privileges to a full cluster administrator. This allows for the complete compromise of the...