Lucene search
K

166 matches found

RedhatCVE
RedhatCVE
added 2025/03/17 11:49 p.m.12 views

CVE-2025-29781

A flaw was found in the Bare Metal Operator BMO Kubernetes API component. BMO enables users to load Secrets from arbitrary namespaces upon deployment of the namespace-scoped Custom Resource BMCEventSubscription. In affected versions, an adversary using a Kubernetes account with only namespace lev...

8.2CVSS6.4AI score0.00169EPSS
Exploits0References8
NVD
NVD
added 2025/03/17 10:15 p.m.16 views

CVE-2025-29781

The Bare Metal Operator BMO implements a Kubernetes API for managing bare metal hosts in Metal3. Baremetal Operator enables users to load Secret from arbitrary namespaces upon deployment of the namespace scoped Custom Resource BMCEventSubscription. Prior to versions 0.8.1 and 0.9.1, an adversary...

6.5CVSS0.00169EPSS
Exploits0References5
OSV
OSV
added 2025/03/17 9:37 p.m.14 views

CVE-2025-29781 Bare Metal Operator (BMO) can expose any secret from other namespaces via BMCEventSubscription CRD

The Bare Metal Operator BMO implements a Kubernetes API for managing bare metal hosts in Metal3. Baremetal Operator enables users to load Secret from arbitrary namespaces upon deployment of the namespace scoped Custom Resource BMCEventSubscription. Prior to versions 0.8.1 and 0.9.1, an adversary...

6.5CVSS8AI score0.00169EPSS
Exploits0References7
Cvelist
Cvelist
added 2025/03/17 9:37 p.m.20 views

CVE-2025-29781 Bare Metal Operator (BMO) can expose any secret from other namespaces via BMCEventSubscription CRD

The Bare Metal Operator BMO implements a Kubernetes API for managing bare metal hosts in Metal3. Baremetal Operator enables users to load Secret from arbitrary namespaces upon deployment of the namespace scoped Custom Resource BMCEventSubscription. Prior to versions 0.8.1 and 0.9.1, an adversary...

6.5CVSS0.00169EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/02/05 11:17 p.m.6 views

CVE-2022-23652

capsule-proxy is a reverse proxy for Capsule Operator which provides multi-tenancy in Kubernetes. In versions prior to 0.2.1 an attacker with a proper authentication mechanism may use a malicious Connection header to start a privilege escalation attack towards the Kubernetes API Server. This...

8.8CVSS7AI score0.01375EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2025/01/21 4:56 p.m.8 views

Important: Red Hat Security Advisory: cert-manager Operator for Red Hat OpenShift 1.15.0

cert-manager Operator for Red Hat OpenShift 1.15.0 The cert-manager Operator for Red Hat OpenShift builds on top of Kubernetes, introducing certificate authorities and certificates as first-class resource types in the Kubernetes API. This makes it possible to provide certificates-as-a-service to...

9.1CVSS6.7AI score0.03092EPSS
Exploits2References6
Github Security Blog
Github Security Blog
added 2024/12/02 10:17 p.m.36 views

Access to Archived Argo Workflows with Fake Token in `client` mode

Summary When using --auth-mode=client, Archived Workflows can be retrieved with a fake or spoofed token via the GET Workflow endpoint: /api/v1/workflows/namespace/name When using --auth-mode=sso, all Archived Workflows can be retrieved with a valid token via the GET Workflow endpoint:...

7.5CVSS7AI score0.00656EPSS
Exploits1References4Affected Software1
Github Security Blog
Github Security Blog
added 2024/11/20 6:23 p.m.31 views

github.com/rancher/steve's users can issue watch commands for arbitrary resources

Impact A vulnerability has been discovered in Steve API Kubernetes API Translator in which users can watch resources they are not allowed to access, when they have at least some generic permissions on the type. For example, a user who can get a single secret in a single namespace can get all...

7.7CVSS7.3AI score0.00413EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2024/10/28 6:28 p.m.24 views

Argo Workflows Controller: Denial of Service via malicious daemon Workflows

Summary Due to a race condition in a global variable, the argo workflows controller can be made to crash on-command by any user with access to execute a workflow. This was resolved by https://github.com/argoproj/argo-workflows/pull/13641 Details These two lines introduce a data race in the...

5.7CVSS6.5AI score0.00345EPSS
Exploits0References6Affected Software1
Vulnrichment
Vulnrichment
added 2024/09/12 4:35 p.m.17 views

CVE-2024-6840 Automation-controller: gain access to the k8s api server via job execution with container group

An improper authorization flaw exists in the Ansible Automation Controller. This flaw allows an attacker using the k8S API server to send an HTTP request with a service account token mounted via automountServiceAccountToken: true, resulting in privilege escalation to a service account...

6.6CVSS7AI score0.00428EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2024/09/05 2:13 p.m.4 views

automation-controller: Gain access to the k8s API server via job execution with Container Group

An improper authorization flaw exists in the Ansible Automation Controller. This flaw allows an attacker using the k8S API server to send an HTTP request with a service account token mounted via automountServiceAccountToken: true, resulting in privilege escalation to a service account...

6.6CVSS5.8AI score0.00428EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2024/09/04 5:40 a.m.29 views

CVE-2024-43803

A flaw was found in the Bare Metal Operator BMO. The BMO implements a Kubernetes API for managing bare metal hosts in Metal3. The BareMetalHost BMH CRD allows the userData, metaData, and networkData for the provisioned host to be specified as links to Kubernetes Secrets. There are fields for the...

4.9CVSS6.5AI score0.00574EPSS
Exploits0References10
NVD
NVD
added 2024/09/03 7:15 p.m.39 views

CVE-2024-43803

The Bare Metal Operator BMO implements a Kubernetes API for managing bare metal hosts in Metal3. The BareMetalHost BMH CRD allows the userData, metaData, and networkData for the provisioned host to be specified as links to Kubernetes Secrets. There are fields for both the Name and Namespace of th...

4.9CVSS0.00574EPSS
Exploits0References7
OSV
OSV
added 2024/09/03 6:56 p.m.24 views

CVE-2024-43803 BMO can expose particularly named secrets from other namespaces via BMH CRD

The Bare Metal Operator BMO implements a Kubernetes API for managing bare metal hosts in Metal3. The BareMetalHost BMH CRD allows the userData, metaData, and networkData for the provisioned host to be specified as links to Kubernetes Secrets. There are fields for both the Name and Namespace of th...

4.9CVSS4.8AI score0.00574EPSS
Exploits0References9
Cvelist
Cvelist
added 2024/09/03 6:56 p.m.32 views

CVE-2024-43803 BMO can expose particularly named secrets from other namespaces via BMH CRD

The Bare Metal Operator BMO implements a Kubernetes API for managing bare metal hosts in Metal3. The BareMetalHost BMH CRD allows the userData, metaData, and networkData for the provisioned host to be specified as links to Kubernetes Secrets. There are fields for both the Name and Namespace of th...

4.9CVSS0.00574EPSS
Exploits0References7
CNNVD
CNNVD
added 2024/06/14 12:0 a.m.47 views

GitLab CE/EE Security Vulnerabilities

GitLab Enterprise Edition EE and GitLab Community Edition CE are both products of GitLab, Inc. GitLab Enterprise Edition is a content management system. GitLab Enterprise Edition is a content management system. A security vulnerability exists in GitLab CE/EE, which stems from the fact that an...

4.3CVSS6.7AI score0.00426EPSS
Exploits0References3
OSV
OSV
added 2024/05/15 12:6 p.m.22 views

BIT-CILIUM-OPERATOR-2023-39347 Cilium NetworkPolicy bypass via pod labels

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. An attacker with the ability to update pod labels can cause Cilium to apply incorrect network policies. This issue arises due to the fact that on pod update, Cilium incorrectly uses user-provided pod labels...

9CVSS8.2AI score0.0046EPSS
Exploits1References3
IBM Security Bulletins
IBM Security Bulletins
added 2024/04/29 9:37 a.m.25 views

Security Bulletin: IBM Cloud Kubernetes Service is affected by a Kubernetes API server security vulnerability (CVE-2024-3177)

Summary IBM Cloud Kubernetes Service is affected by a security vulnerability in the Kubernetes API server that may allow mountable secret policy enforcement to be bypassed during pod admission CVE-2024-3177. Vulnerability Details CVEID: CVE-2024-3177 Description: Kubernetes kube-apiserver could...

2.7CVSS3.9AI score0.02224EPSS
Exploits1Affected Software1
Github Security Blog
Github Security Blog
added 2024/04/24 9:1 p.m.31 views

Rancher Privilege escalation vulnerability via malicious "Connection" header

A vulnerability was discovered in Rancher 2.0.0 through the aforementioned patched versions, where a malicious Rancher user could craft an API request directed at the proxy for the Kubernetes API of a managed cluster to gain access to information they do not have access to. This is done by passin...

8.8CVSS7AI score0.01052EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2024/04/24 9:1 p.m.31 views

Rancher's Steve API Component Improper authorization check allows privilege escalation

Impact A flaw discovered in Rancher versions from 2.5.0 up to and including 2.5.9 allows an authenticated user to impersonate any user on a cluster through the Steve API proxy, without requiring knowledge of the impersonated user's credentials. This is due to the Steve API proxy not dropping the...

8.8CVSS6.8AI score0.01071EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder