Lucene search
K

145 matches found

OSV
OSV
added 2024/03/06 10:53 a.m.34 views

BIT-HELM-2022-36049 Flux2 Helm Controller denial of service

Flux2 is a tool for keeping Kubernetes clusters in sync with sources of configuration, and Flux's helm-controller is a Kubernetes operator that allows one to declaratively manage Helm chart releases. Helm controller is tightly integrated with the Helm SDK. A vulnerability found in the Helm SDK th...

7.7CVSS6.7AI score0.01007EPSS
Exploits0References5
OSV
OSV
added 2024/03/06 10:51 a.m.9 views

BIT-EJBCA-2021-40088

An issue was discovered in PrimeKey EJBCA before 7.6.0. CMP RA Mode can be configured to use a known client certificate to authenticate enrolling clients. The same RA client certificate is used for revocation requests as well. While enrollment enforces multi tenancy constraints by verifying that...

5.4CVSS5.4AI score0.0036EPSS
Exploits0References2
NVD
NVD
added 2023/11/06 7:15 p.m.45 views

CVE-2023-46254

capsule-proxy is a reverse proxy for Capsule kubernetes multi-tenancy framework. A bug in the RoleBinding reflector used by capsule-proxy gives ServiceAccount tenant owners the right to list Namespaces of other tenants backed by the same owner kind and name. For example consider two tenants solar...

4.3CVSS4.7AI score0.00415EPSS
Exploits0References2
Prion
Prion
added 2023/11/06 7:15 p.m.25 views

Privilege escalation

capsule-proxy is a reverse proxy for Capsule kubernetes multi-tenancy framework. A bug in the RoleBinding reflector used by capsule-proxy gives ServiceAccount tenant owners the right to list Namespaces of other tenants backed by the same owner kind and name. For example consider two tenants solar...

4CVSS7.2AI score0.00415EPSS
Exploits0References2Affected Software2
CVE
CVE
added 2023/11/06 6:34 p.m.59 views

CVE-2023-46254

Capsule-proxy (Capsule Kubernetes multi-tenancy) contains a bug in the RoleBinding reflector that allows ServiceAccount tenants to list Namespaces owned by other tenants when two tenants share the same ServiceAccount name in different namespaces, under specific conditions (capsule-proxy running w...

4.3CVSS4.6AI score0.00415EPSS
Exploits0References2Affected Software2
OSV
OSV
added 2023/11/06 6:34 p.m.36 views

CVE-2023-46254 Service accounts can see namespaces of other tenants in capsule-proxy

capsule-proxy is a reverse proxy for Capsule kubernetes multi-tenancy framework. A bug in the RoleBinding reflector used by capsule-proxy gives ServiceAccount tenant owners the right to list Namespaces of other tenants backed by the same owner kind and name. For example consider two tenants solar...

4.3CVSS5AI score0.00415EPSS
Exploits0References4
Cvelist
Cvelist
added 2023/11/06 6:34 p.m.46 views

CVE-2023-46254 Service accounts can see namespaces of other tenants in capsule-proxy

capsule-proxy is a reverse proxy for Capsule kubernetes multi-tenancy framework. A bug in the RoleBinding reflector used by capsule-proxy gives ServiceAccount tenant owners the right to list Namespaces of other tenants backed by the same owner kind and name. For example consider two tenants solar...

4.3CVSS5AI score0.00415EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/09/01 12:0 a.m.18 views

Cisco APIC Unauthorized Policy Actions (cisco-sa-apic-uapa-F4TAShk)

A vulnerability in the restricted security domain implementation of Cisco Application Policy Infrastructure Controller APIC could allow an authenticated, remote attacker to read, modify, or delete non-tenant policies for example, access policies created by users associated with a different securi...

5.4CVSS5.9AI score0.00333EPSS
Exploits0References3
CNVD
CNVD
added 2023/08/30 12:0 a.m.9 views

Cisco Application Policy Infrastructure Controller Access Control Error Vulnerability (CNVD-2024-23322)

Cisco Application Policy Infrastructure Controller APIC is an automated infrastructure deployment and governance solution from Cisco. The Cisco Application Policy Infrastructure Controller suffers from an access control error vulnerability that stems from improper access control when using a...

5.4CVSS6.6AI score0.00333EPSS
Exploits0References1
OSV
OSV
added 2023/08/23 7:15 p.m.3 views

CVE-2023-20230

A vulnerability in the restricted security domain implementation of Cisco Application Policy Infrastructure Controller APIC could allow an authenticated, remote attacker to read, modify, or delete non-tenant policies for example, access policies created by users associated with a different securi...

5.4CVSS5.8AI score
Exploits0References1
Prion
Prion
added 2023/08/23 7:15 p.m.26 views

Improper access control

A vulnerability in the restricted security domain implementation of Cisco Application Policy Infrastructure Controller APIC could allow an authenticated, remote attacker to read, modify, or delete non-tenant policies for example, access policies created by users associated with a different securi...

5.5CVSS5.5AI score0.00333EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/08/23 6:21 p.m.2544 views

CVE-2023-20230

CVE-2023-20230 affects Cisco Application Policy Infrastructure Controller (APIC). The issue arises from improper access control in the restricted security domain implementation used to enforce multi-tenancy, allowing an authenticated, remote attacker with a restricted-domain account to read, modi...

5.4CVSS5.5AI score0.00333EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/08/23 6:21 p.m.16 views

CVE-2023-20230

A vulnerability in the restricted security domain implementation of Cisco Application Policy Infrastructure Controller APIC could allow an authenticated, remote attacker to read, modify, or delete non-tenant policies for example, access policies created by users associated with a different securi...

5.4CVSS5.7AI score0.00333EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/07/12 12:0 a.m.4 views

Apache Pulsar 安全漏洞

Apache Pulsar is the United States Apache Apache Foundation for cloud environments, set of messages, storage, lightweight functional computing as one of the distributed message flow platform. The software supports multi-tenancy, persistent storage, multi-room cross-region data replication, and...

9.6CVSS8.2AI score0.00733EPSS
Exploits0References2
Rapid7 Blog
Rapid7 Blog
added 2023/06/28 4:18 p.m.19 views

Rapid7 Solutions for Partners

Central to our mission at Rapid7 is building long-term relationships with partners who deliver valuable security solutions to customers. As customers increasingly seek managed services to meet their security needs, we've eagerly expanded our partner ecosystem to support a rapidly growing body of...

6.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/03/28 12:0 a.m.46 views

CBL Mariner 2.0 Security Update: helm (CVE-2022-36049)

The version of helm installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-36049 advisory. - Flux2 is a tool for keeping Kubernetes clusters in sync with sources of configuration, and Flux's helm-...

7.7CVSS7.4AI score0.01007EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2023/03/07 12:0 a.m.5 views

The vulnerability in applications for creating reports using TIBCO JasperReports Server, TIBCO JasperReports Server Community Edition, TIBCO JasperReports Server for ActiveMatrix BPM, TIBCO Jaspersoft for AWS with Multi-Tenancy, and TIBCO Jaspersoft Reporting and Analytics for AWS arises due to an incorrect path name limitation in the restricted directory. This allows attackers to disclose sensitive information.

The vulnerability of applications for generating reports with TIBCO JasperReports Server, TIBCO JasperReports Server Community Edition, TIBCO JasperReports Server for ActiveMatrix BPM, TIBCO Jaspersoft for AWS with Multi-Tenancy, and TIBCO Jaspersoft Reporting and Analytics for AWS exists due to ...

7.7CVSS7.4AI score0.48753EPSS
Exploits2References3Affected Software5
F5 Networks
F5 Networks
added 2023/02/21 7:55 p.m.59 views

K51801290: RSRE Variant 3a vulnerability CVE-2018-3640

Security Advisory Description Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis, aka Rogue System Register Rea...

5.6CVSS5.7AI score0.07556EPSS
Exploits0Affected Software18
F5 Networks
F5 Networks
added 2023/02/21 7:54 p.m.63 views

K29146534: SSB Variant 4 vulnerability CVE-2018-3639

Security Advisory Description Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel...

5.5CVSS6.8AI score0.60631EPSS
Exploits2Affected Software19
F5 Networks
F5 Networks
added 2023/02/21 6:54 p.m.79 views

K31300402: Virtual Machine Manager L1 Terminal Fault vulnerability CVE-2018-3646

Security Advisory Description Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a...

5.6CVSS7.8AI score0.08101EPSS
Exploits0Affected Software19
Rows per page
Query Builder