CVE-2024-43403 Kanister has a potential risk which can be leveraged to make a cluster-level privilege escalation

Kanister is a data protection workflow management tool. The kanister has a deployment called default-kanister-operator, which is bound with a ClusterRole called edit via ClusterRoleBinding. The "edit" ClusterRole is one of Kubernetes default-created ClusterRole, and it has the create/patch/udpate...

CVE-2024-43403

Kanister (github.com/kanisterio/kanister) is affected by CVE-2024-43403 due to a deployment named default-kanister-operator bound to the Kubernetes ClusterRole edit. The edit ClusterRole includes permissive permissions (create/patch/update for daemonsets, create for serviceaccount/tokens, and imp...

Kanister 安全漏洞

Kanister is a data protection workflow management tool from Kanister Open Source. A security vulnerability exists in Kanister that stems from a cluster-level privilege elevation that can be performed by a malicious user by accessing a worker node...

Privilege Escalation

github.com/kubean-io/kubean is vulnerable to Privilege Escalation. The vulnerability is due to the ClusterRole being configured with excessive permissions, allowing a malicious user with access to a worker node to gain unauthorized control over the entire cluster...

GHSA-3WFJ-3X8Q-HRPG Kubean vulnerable to cluster-level privilege escalation

Impact This ClusterRole has verbs of resources. If a malicious user can access the worker node which has kubean's deployment, he/she can abuse these excessive permissions to do whatever he/she likes to the whole cluster, resulting in a cluster-level privilege escalation. Patches =v0.18.0 Referenc...

Trust Boundary Violation

Overview Affected versions of this package are vulnerable to Trust Boundary Violation via the creation of a custom PersistentVolume that matches the name of a worker node. An attacker can gain unauthorized access to the root HCP worker node's volume by exploiting this flaw. Note: The name of the...

Trust Boundary Violation

Overview Affected versions of this package are vulnerable to Trust Boundary Violation via the creation of a custom PersistentVolume that matches the name of a worker node. An attacker can gain unauthorized access to the root HCP worker node's volume by exploiting this flaw. Note: The name of the...

Trust Boundary Violation

Overview Affected versions of this package are vulnerable to Trust Boundary Violation via the creation of a custom PersistentVolume that matches the name of a worker node. An attacker can gain unauthorized access to the root HCP worker node's volume by exploiting this flaw. Note: The name of the...

CVE-2024-1725

A flaw was found in the kubevirt-csi component of OpenShift Virtualization's Hosted Control Plane HCP. This issue could allow an authenticated attacker to gain access to the root HCP worker node's volume by creating a custom Persistent Volume that matches the name of a worker node...

Design/Logic Flaw

A flaw was found in the kubevirt-csi component of OpenShift Virtualization's Hosted Control Plane HCP. This issue could allow an authenticated attacker to gain access to the root HCP worker node's volume by creating a custom Persistent Volume that matches the name of a worker node...

CVE-2024-1725

The CVE-2024-1725 issue affects kubevirt-csi in OpenShift Virtualization’s Hosted Control Plane (HCP): an authenticated attacker can create a PersistentVolume that matches a worker node name to access the root HCP worker node’s volume. Exploitation is described in multiple advisories, with OpenSh...

CVE-2024-1725 Kubevirt-csi: persistentvolume allows access to hcp's root node

A flaw was found in the kubevirt-csi component of OpenShift Virtualization's Hosted Control Plane HCP. This issue could allow an authenticated attacker to gain access to the root HCP worker node's volume by creating a custom Persistent Volume that matches the name of a worker node...

CVE-2024-1725

A flaw was found in the kubevirt-csi component of OpenShift Virtualization's Hosted Control Plane HCP. This issue could allow an authenticated attacker to gain access to the root HCP worker node's volume by creating a custom Persistent Volume that matches the name of a worker node...

Sql injection

Docker Machine through 0.16.2 allows an attacker, who has control of a worker node, to provide crafted version data, which might potentially trick an administrator into performing an unsafe action via escape sequence injection, or might have a data size that causes a denial of service to a bastio...

Docker Security Vulnerabilities

Docker is an open source application container engine from the American company Docker. The product supports the creation of a container lightweight virtual machine and the deployment and running of applications on Linux systems, as well as the automated installation, deployment, and upgrading of...

Privilege Escalation

github.com/clusternet/clusternet is vulnerable to Privilege Escalation. The vulnerability exists because the clusternetagentrbac.yaml does not properly initialize the verbs role, which allows an attacker to access to the worker node which runs the clusternet and leverage the service account to do...

CVE-2023-2250

A flaw was found in the Open Cluster Management OCM when a user have access to the worker nodes which has the cluster-manager-registration-controller or cluster-manager deployments. A malicious user can take advantage of this and bind the cluster-admin to any service account or using the service...

GHSA-833C-XH79-P429 A potential risk in clusternet which can be leveraged to make a cluster-level privilege escalation

Summary: A potential risk in clusternet which can be leveraged to make a cluster-level privilege escalation. Detailed analysis: The clusternet has a deployment called cluster-hub inside the clusternet-system Kubernetes namespace, which runs on worker nodes randomly. The deployment has a service...

Privilege Escalation

CubeFS is vulnerable to Privilege Escalation. The vulnerability is due to not restricting/restraining the secrets which are accessed by DaemonSet of CubeFS. This can lead to an attacker controlling a worker node to make a cluster-level privilege escalation by leveraging the pod controlled by...

Talos worker join token can be used to get elevated access level to the Talos API

Impact Talos worker nodes use a join token to get accepted into the Talos cluster. A misconfigured Kubernetes environment may allow workloads to access the join token of the worker node. A malicious workload could then use the join token to construct a Talos CSR certificate signing request. Due t...