Lucene search
K

144 matches found

Tenable Nessus
Tenable Nessus
added 2023/06/20 12:0 a.m.29 views

SUSE SLES15: kubernetes1.24-apiserver / kubernetes1.24-client / etc (SUSE-SU-2023:2544-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2544-1 advisory. - CVE-2023-2727: Fixed bypassing policies imposed by the ImagePolicyWebhook admission plugin bsc1211630. -...

6.5CVSS6.7AI score0.02157EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2023/06/20 12:0 a.m.28 views

SUSE SLES15: kubernetes1.23-apiserver / kubernetes1.23-client / etc (SUSE-SU-2023:2543-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2543-1 advisory. - CVE-2023-2727: Fixed bypassing policies imposed by the ImagePolicyWebhook admission plugin bsc1211630. -...

6.5CVSS6.7AI score0.02157EPSS
Exploits1References7
OSV
OSV
added 2023/06/19 11:7 a.m.6 views

SUSE-SU-2023:2544-1 Security update for kubernetes1.24

This update for kubernetes1.24 fixes the following issues: - CVE-2023-2727: Fixed bypassing policies imposed by the ImagePolicyWebhook admission plugin bsc1211630. - CVE-2023-2728: Fixed bypassing enforce mountable secrets policy imposed by the ServiceAccount admission plugin bsc1211631...

6.5CVSS6.7AI score0.02157EPSS
Exploits1References5
OSV
OSV
added 2023/06/19 11:6 a.m.9 views

SUSE-SU-2023:2543-1 Security update for kubernetes1.23

This update for kubernetes1.23 fixes the following issues: - CVE-2023-2727: Fixed bypassing policies imposed by the ImagePolicyWebhook admission plugin bsc1211630. - CVE-2023-2728: Fixed bypassing enforce mountable secrets policy imposed by the ServiceAccount admission plugin bsc1211631...

6.5CVSS6.7AI score0.02157EPSS
Exploits1References5
OSV
OSV
added 2023/06/19 11:5 a.m.8 views

SUSE-SU-2023:2541-1 Security update for kubernetes1.18

This update for kubernetes1.18 fixes the following issues: - CVE-2023-2727: Fixed bypassing policies imposed by the ImagePolicyWebhook admission plugin bsc1211630. - CVE-2023-2728: Fixed bypassing enforce mountable secrets policy imposed by the ServiceAccount admission plugin bsc1211631...

6.5CVSS6.7AI score0.02157EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2023/06/19 12:0 a.m.27 views

SUSE SLES15 / openSUSE 15 Security Update : kubernetes1.18 (SUSE-SU-2023:2541-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2541-1 advisory. - CVE-2023-2727: Fixed bypassing policies imposed by the ImagePolicyWebhook admission plugin bsc1211630. -...

6.5CVSS6.7AI score0.02157EPSS
Exploits1References7
RedhatCVE
RedhatCVE
added 2023/06/15 5:46 a.m.38 views

CVE-2023-2728

A flaw was found in Kubernetes, where users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using ephemeral containers. The policy ensures that pods running with a service account may only reference secrets specified i...

6.5CVSS6.8AI score0.02157EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2023/06/15 12:0 a.m.7 views

PT-2023-21049 · Unknown +3 · Kubernetes +2

Name of the Vulnerable Software and Affected Versions: Kubernetes affected versions not specified Description: The issue allows users to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using ephemeral containers. This policy ensures...

7.7CVSS6.5AI score0.99999EPSS
Exploits21References144
Veracode
Veracode
added 2023/05/01 10:58 p.m.25 views

Privilege Escalation

github.com/kubewarden/kubewarden-controller is vulnerable to Privilege Escalation. A remote authenticated attacker is able to read arbitrary secrets if they get access to the ServiceAccount of the kubewarden-controller which results in the exfiltration of all secret tokens in the cluster...

8.8CVSS8.2AI score0.00466EPSS
Exploits0References4Affected Software1
The Hacker News
The Hacker News
added 2023/04/21 1:26 p.m.45 views

Kubernetes RBAC Exploited in Large-Scale Campaign for Cryptocurrency Mining

A large-scale attack campaign discovered in the wild has been exploiting Kubernetes K8s Role-Based Access Control RBAC to create backdoors and run cryptocurrency miners. "The attackers also deployed DaemonSets to take over and hijack resources of the K8s clusters they attack," cloud security firm...

6.7AI score
Exploits0
Prion
Prion
added 2023/04/19 12:15 p.m.17 views

Privilege escalation

An Improper Privilege Management vulnerability in SUSE kubewarden allows attackers to read arbitrary secrets if they get access to the ServiceAccount kubewarden-controller This issue affects: SUSE kubewarden kubewarden-controller versions prior to 1.6.0...

6.5CVSS8.5AI score0.00466EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/04/19 12:0 a.m.54 views

CVE-2023-22645

CVE-2023-22645 (SUSE kubewarden): An improper privilege management flaw in the kubewarden-controller allows an attacker with access to the controller’s ServiceAccount to read arbitrary secrets, potentially exfiltrating secret tokens from the cluster. Affected product/component: SUSE kubewarden ku...

8.8CVSS8.2AI score0.00466EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/04/19 12:0 a.m.36 views

CVE-2023-22645 kubewarden: Excessive permissions for kubewarden-controller-manager-cluster-role

An Improper Privilege Management vulnerability in SUSE kubewarden allows attackers to read arbitrary secrets if they get access to the ServiceAccount kubewarden-controller This issue affects: SUSE kubewarden kubewarden-controller versions prior to 1.6.0...

8CVSS8.7AI score0.00466EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2023/04/18 1:45 a.m.6 views

SUSE CVE-2023-22645

An Improper Privilege Management vulnerability in SUSE kubewarden allows attackers to read arbitrary secrets if they get access to the ServiceAccount kubewarden-controller This issue affects: SUSE kubewarden kubewarden-controller versions prior to 1.6.0...

8.8CVSS6.8AI score0.00466EPSS
Exploits0References4
OSV
OSV
added 2022/12/05 11:8 p.m.25 views

GHSA-X45C-CVP8-Q4FM Capsule vulnerable to privilege escalation by ServiceAccount deployed in a Tenant Namespace

Capsule implements a multi-tenant and policy-based environment in a Kubernetes cluster. A ServiceAccount deployed in a Tenant Namespace, when granted with PATCH capabilities on its own Namespace, is able to edit it and remove the Owner Reference, breaking the reconciliation of the Capsule Operato...

8.8CVSS8.6AI score0.00861EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2022/12/05 11:8 p.m.40 views

Capsule vulnerable to privilege escalation by ServiceAccount deployed in a Tenant Namespace

Capsule implements a multi-tenant and policy-based environment in a Kubernetes cluster. A ServiceAccount deployed in a Tenant Namespace, when granted with PATCH capabilities on its own Namespace, is able to edit it and remove the Owner Reference, breaking the reconciliation of the Capsule Operato...

8.8CVSS8.3AI score0.00861EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2022/12/02 7:15 p.m.41 views

CVE-2022-46167

Capsule is a multi-tenancy and policy-based framework for Kubernetes. Prior to version 0.1.3, a ServiceAccount deployed in a Tenant Namespace, when granted with PATCH capabilities on its own Namespace, is able to edit it and remove the Owner Reference, breaking the reconciliation of the Capsule...

8.8CVSS0.00861EPSS
Exploits0References4
Prion
Prion
added 2022/12/02 7:15 p.m.22 views

Design/Logic Flaw

Capsule is a multi-tenancy and policy-based framework for Kubernetes. Prior to version 0.1.3, a ServiceAccount deployed in a Tenant Namespace, when granted with PATCH capabilities on its own Namespace, is able to edit it and remove the Owner Reference, breaking the reconciliation of the Capsule...

6.5CVSS8.6AI score0.00861EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2022/12/02 6:22 p.m.38 views

CVE-2022-46167 Capsule vulnerable to privilege escalation by ServiceAccount deployed in a Tenant Namespace

Capsule is a multi-tenancy and policy-based framework for Kubernetes. Prior to version 0.1.3, a ServiceAccount deployed in a Tenant Namespace, when granted with PATCH capabilities on its own Namespace, is able to edit it and remove the Owner Reference, breaking the reconciliation of the Capsule...

8.8CVSS8.9AI score0.00861EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2022/12/02 6:22 p.m.7 views

CVE-2022-46167 Capsule vulnerable to privilege escalation by ServiceAccount deployed in a Tenant Namespace

Capsule is a multi-tenancy and policy-based framework for Kubernetes. Prior to version 0.1.3, a ServiceAccount deployed in a Tenant Namespace, when granted with PATCH capabilities on its own Namespace, is able to edit it and remove the Owner Reference, breaking the reconciliation of the Capsule...

8.8CVSS8.6AI score0.00861EPSS
Exploits0References4
Rows per page
Query Builder