Lucene search
+L

6 matches found

Veracode
Veracode
added 2023/06/19 9:37 a.m.15 views

Privilege Escalation

github.com/stolostron/governance-policy-propagator is vulnerable to Privilege Escalation. In a formed policy, the library makes it possible for dynamically acquired policies to leverage cluster scoped access, enabling a local attacker to access resources from the namespace where the policy was...

7.8CVSS6.6AI score0.00198EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2023/06/05 10:15 p.m.44 views

CVE-2023-3027

The grc-policy-propagator allows security escalation within the cluster. The propagator allows policies which contain some dynamically obtained values instead of the policy apply a static manifest on a managed cluster of taking advantage of cluster scoped access in a created policy. This feature...

7.8CVSS7.7AI score0.00198EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/06/05 12:0 a.m.47 views

CVE-2023-3027

The grc-policy-propagator allows security escalation within the cluster. The propagator allows policies which contain some dynamically obtained values instead of the policy apply a static manifest on a managed cluster of taking advantage of cluster scoped access in a created policy. This feature...

7.9AI score0.00198EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/06/05 12:0 a.m.10 views

CVE-2023-3027

The grc-policy-propagator allows security escalation within the cluster. The propagator allows policies which contain some dynamically obtained values instead of the policy apply a static manifest on a managed cluster of taking advantage of cluster scoped access in a created policy. This feature...

7.3AI score0.00198EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/06/05 12:0 a.m.19 views

PT-2023-22620 · Unknown · Grc-Policy-Propagator

Name of the Vulnerable Software and Affected Versions: grc-policy-propagator affected versions not specified Description: The issue allows security escalation within the cluster. It is related to policies that contain dynamically obtained values, which can take advantage of cluster scoped access ...

7.8CVSS9.6AI score0.00198EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2023/06/01 4:7 a.m.45 views

CVE-2023-3027

The grc-policy-propagator allows security escalation within the cluster. The propagator allows policies which contain some dynamically obtained values instead of the policy apply a static manifest on a managed cluster of taking advantage of cluster scoped access in a created policy. This feature...

7.8CVSS6.6AI score0.00198EPSS
Exploits0References3
Rows per page
Query Builder