2 matches found
CVE-2021-3495
The CVE-2021-3495 vulnerability is an improper access-control flaw in kiali-operator before version 1.33.0 (and before 1.24.7 for the alternate stream). An attacker with basic cluster access could deploy a specified image to any namespace, potentially accessing privileged service account tokens a...
Important: Red Hat Security Advisory: Red Hat OpenShift Service Mesh 2.0.4 security update
An update for openshift-istio-kiali-rhel8-operator-container is now available for OpenShift Service Mesh 2.0. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...