3 matches found
Critical: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.8.1 security and bug fix updates
Red Hat Advanced Cluster Management for Kubernetes 2.8.1 General Availability release images, which provide security updates and fix bugs. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a...
CVE-2023-3027
The vulnerability CVE-2023-3027 affects Red Hat Advanced Cluster Management for Kubernetes (ACM) where the grc-policy-propagator can perform privilege escalation by evaluating policies that pull dynamically obtained values, allowing access beyond the policy’s namespace. Root cause: policy propaga...
CVE-2023-3027
The grc-policy-propagator allows security escalation within the cluster. The propagator allows policies which contain some dynamically obtained values instead of the policy apply a static manifest on a managed cluster of taking advantage of cluster scoped access in a created policy. This feature...