11 matches found
SUSE CVE-2025-62714
Karmada Dashboard is a general-purpose, web-based control panel for Karmada which is a multi-cluster management project. Prior to version 0.2.0, there is an authentication bypass vulnerability in the Karmada Dashboard API. The backend API endpoints e.g., /api/v1/secret, /api/v1/service did not...
GO-2025-4072 Karmada Dashboard API Unauthorized Access Vulnerability in github.com/karmada-io/dashboard
Karmada Dashboard API Unauthorized Access Vulnerability in github.com/karmada-io/dashboard...
CVE-2025-62714
Karmada Dashboard is a general-purpose, web-based control panel for Karmada which is a multi-cluster management project. Prior to version 0.2.0, there is an authentication bypass vulnerability in the Karmada Dashboard API. The backend API endpoints e.g., /api/v1/secret, /api/v1/service did not...
Karmada Dashboard 安全漏洞
Karmada Dashboard is a web user interface from karmada-io open source. A security vulnerability exists in versions of Karmada Dashboard prior to 0.2.0 that stems from a back-end API endpoint that does not enforce authentication, which could lead to unauthenticated users accessing sensitive cluste...
CVE-2025-62714 Karmada Dashboard API Unauthorized Access Vulnerability
Karmada Dashboard is a general-purpose, web-based control panel for Karmada which is a multi-cluster management project. Prior to version 0.2.0, there is an authentication bypass vulnerability in the Karmada Dashboard API. The backend API endpoints e.g., /api/v1/secret, /api/v1/service did not...
EUVD-2025-35859
Karmada Dashboard is a general-purpose, web-based control panel for Karmada which is a multi-cluster management project. Prior to version 0.2.0, there is an authentication bypass vulnerability in the Karmada Dashboard API. The backend API endpoints e.g., /api/v1/secret, /api/v1/service did not...
CVE-2025-62714 Karmada Dashboard API Unauthorized Access Vulnerability
Karmada Dashboard is a general-purpose, web-based control panel for Karmada which is a multi-cluster management project. Prior to version 0.2.0, there is an authentication bypass vulnerability in the Karmada Dashboard API. The backend API endpoints e.g., /api/v1/secret, /api/v1/service did not...
CVE-2025-62714 Karmada Dashboard API Unauthorized Access Vulnerability
Karmada Dashboard is a general-purpose, web-based control panel for Karmada which is a multi-cluster management project. Prior to version 0.2.0, there is an authentication bypass vulnerability in the Karmada Dashboard API. The backend API endpoints e.g., /api/v1/secret, /api/v1/service did not...
CVE-2025-62714
Karmada Dashboard had an API authentication bypass before v0.2.0. The backend endpoints (e.g., /api/v1/secret, /api/v1/service) did not enforce authentication, allowing unauthenticated users to access sensitive cluster data (Secrets and Services) directly, even though the web UI required a JWT. A...
GHSA-5QJG-9MJH-4R92 Karmada Dashboard API Unauthorized Access Vulnerability
Impact This is an authentication bypass vulnerability in the Karmada Dashboard API. The backend API endpoints e.g., /api/v1/secret, /api/v1/service did not enforce authentication, allowing unauthenticated users to access sensitive cluster information such as Secrets and Services directly. Althoug...
PT-2025-43651
Name of the Vulnerable Software and Affected Versions Karmada Dashboard versions prior to 0.2.0 Description The Karmada Dashboard, a web-based control panel for the Karmada multi-cluster management project, contains an authentication bypass. Backend API endpoints, such as /api/v1/secret and...