30 matches found
GO-2024-3103 Hwameistor Potential Permission Leakage of Cluster Level in github.com/hwameistor/hwameistor
Hwameistor Potential Permission Leakage of Cluster Level in github.com/hwameistor/hwameistor...
Hwameistor Potential Permission Leakage of Cluster Level
Impact What kind of vulnerability is it? Who is impacted? This ClusterRole has verbs of resources. If a malicious user can access the worker node which has hwameistor's deployment, he/she can abuse these excessive permissions to do whatever he/she likes to the whole cluster, resulting in a...
CVE-2024-45054
Hwameistor is an HA local storage system for cloud-native stateful workloads. This ClusterRole has verbs of resources. If a malicious user can access the worker node which has hwameistor's deployment, he/she can abuse these excessive permissions to do whatever he/she likes to the whole cluster,...
CVE-2024-45054 Potential Permission Leakage of Cluster Level in hwameistor
Hwameistor is an HA local storage system for cloud-native stateful workloads. This ClusterRole has verbs of resources. If a malicious user can access the worker node which has hwameistor's deployment, he/she can abuse these excessive permissions to do whatever he/she likes to the whole cluster,...
CVE-2024-45054 Potential Permission Leakage of Cluster Level in hwameistor
Hwameistor is an HA local storage system for cloud-native stateful workloads. This ClusterRole has verbs of resources. If a malicious user can access the worker node which has hwameistor's deployment, he/she can abuse these excessive permissions to do whatever he/she likes to the whole cluster,...
CVE-2024-45054 Potential Permission Leakage of Cluster Level in hwameistor
Hwameistor is an HA local storage system for cloud-native stateful workloads. This ClusterRole has verbs of resources. If a malicious user can access the worker node which has hwameistor's deployment, he/she can abuse these excessive permissions to do whatever he/she likes to the whole cluster,...
PT-2024-31406 · Unknown · Hwameistor
Name of the Vulnerable Software and Affected Versions: Hwameistor versions prior to 0.14.6 Description: Hwameistor is a high-availability local storage system for cloud-native stateful workloads. This ClusterRole has excessive permissions, allowing a malicious user who can access the worker node...
GO-2024-3080 Kanister vulnerable to cluster-level privilege escalation in github.com/kanisterio/kanister
Kanister vulnerable to cluster-level privilege escalation in github.com/kanisterio/kanister...
Withdrawn Advisory: Kanister vulnerable to cluster-level privilege escalation
Withdrawn Advisory This advisory has been withdrawn because the vulnerability does not affect a released Go package. For more information, see github/advisory-database/issues/5029. Original Advisory Summary This advisory affects the Kanister helm charts and not the go package Details The kanister...
CVE-2024-43403 Kanister has a potential risk which can be leveraged to make a cluster-level privilege escalation
Kanister is a data protection workflow management tool. The kanister has a deployment called default-kanister-operator, which is bound with a ClusterRole called edit via ClusterRoleBinding. The "edit" ClusterRole is one of Kubernetes default-created ClusterRole, and it has the create/patch/udpate...
CVE-2024-43403 Kanister has a potential risk which can be leveraged to make a cluster-level privilege escalation
Kanister is a data protection workflow management tool. The kanister has a deployment called default-kanister-operator, which is bound with a ClusterRole called edit via ClusterRoleBinding. The "edit" ClusterRole is one of Kubernetes default-created ClusterRole, and it has the create/patch/udpate...
CVE-2024-43403 Kanister has a potential risk which can be leveraged to make a cluster-level privilege escalation
Kanister is a data protection workflow management tool. The kanister has a deployment called default-kanister-operator, which is bound with a ClusterRole called edit via ClusterRoleBinding. The "edit" ClusterRole is one of Kubernetes default-created ClusterRole, and it has the create/patch/udpate...
GO-2023-1721 OpenFeature Operator vulnerable to Cluster-level Privilege Escalation in github.com/open-feature/open-feature-operator
OpenFeature Operator vulnerable to Cluster-level Privilege Escalation in github.com/open-feature/open-feature-operator...
GO-2024-3039 Kubean vulnerable to cluster-level privilege escalation in github.com/kubean-io/kubean
Kubean vulnerable to cluster-level privilege escalation in github.com/kubean-io/kubean...
CVE-2024-41820 Cluster-level privilege escalation in kubean
Kubean is a cluster lifecycle management toolchain based on kubespray and other cluster LCM engine. The ClusterRole has verbs of resources. If a malicious user can access the worker node which has kubean's deployment, he/she can abuse these excessive permissions to do whatever he/she likes to the...
Kubean vulnerable to cluster-level privilege escalation
Impact This ClusterRole has verbs of resources. If a malicious user can access the worker node which has kubean's deployment, he/she can abuse these excessive permissions to do whatever he/she likes to the whole cluster, resulting in a cluster-level privilege escalation. Patches =v0.18.0 Referenc...
GHSA-3WFJ-3X8Q-HRPG Kubean vulnerable to cluster-level privilege escalation
Impact This ClusterRole has verbs of resources. If a malicious user can access the worker node which has kubean's deployment, he/she can abuse these excessive permissions to do whatever he/she likes to the whole cluster, resulting in a cluster-level privilege escalation. Patches =v0.18.0 Referenc...
CVE-2023-30622
Clusternet is a general-purpose system for controlling Kubernetes clusters across different environments. An issue in clusternet prior to version 0.15.2 can be leveraged to lead to a cluster-level privilege escalation. The clusternet has a deployment called cluster-hub inside the clusternet-syste...
CVE-2023-30622 Clusternet has potential risk which can be leveraged to make a cluster-level privilege escalation
Clusternet is a general-purpose system for controlling Kubernetes clusters across different environments. An issue in clusternet prior to version 0.15.2 can be leveraged to lead to a cluster-level privilege escalation. The clusternet has a deployment called cluster-hub inside the clusternet-syste...
CVE-2023-30622
CVE-2023-30622 affects Clusternet prior to 0.15.2. A deployment named cluster-hub in the clusternet-system namespace runs on worker nodes and uses the service account clusternet-hub, which is bound to the cluster role clusternet:hub. That cluster role has "" verbs on " .*" resources, enabling pri...