Lucene search
K

5 matches found

Circl
Circl
added 2025/04/02 12:56 p.m.9 views

CVE-2025-2786

creationtimestamp| type| source ---|---|--- 2025-04-02 12:56:48+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lltgrtolbw2x 2025-04-02 14:58:56+00:00| seen| https://t.me/cvedetector/21854...

4.3CVSS4.6AI score0.00336EPSS
Exploits0References2
NVD
NVD
added 2025/04/02 11:15 a.m.16 views

CVE-2025-2786

A flaw was found in Tempo Operator, where it creates a ServiceAccount, ClusterRole, and ClusterRoleBinding when a user deploys a TempoStack or TempoMonolithic instance. This flaw allows a user with full access to their namespace to extract the ServiceAccount token and use it to submit TokenReview...

4.3CVSS0.00336EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/04/02 11:7 a.m.6 views

CVE-2025-2786 Tempo-operator: serviceaccount token exposure leading to token and subject access reviews in openshift tempo operator

A flaw was found in Tempo Operator, where it creates a ServiceAccount, ClusterRole, and ClusterRoleBinding when a user deploys a TempoStack or TempoMonolithic instance. This flaw allows a user with full access to their namespace to extract the ServiceAccount token and use it to submit TokenReview...

4.3CVSS7AI score0.00336EPSS
Exploits0References5
CVE
CVE
added 2025/04/02 11:7 a.m.127 views

CVE-2025-2786

CVE-2025-2786 affects Grafana Tempo Operator. A flaw during TempoStack/TempoMonolithic deployment creates a ServiceAccount, ClusterRole, and ClusterRoleBinding, enabling a user with full access to their namespace to extract the ServiceAccount token and use TokenReview and SubjectAccessReview requ...

4.3CVSS7AI score0.00336EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/04/02 11:7 a.m.22 views

CVE-2025-2786 Tempo-operator: serviceaccount token exposure leading to token and subject access reviews in openshift tempo operator

A flaw was found in Tempo Operator, where it creates a ServiceAccount, ClusterRole, and ClusterRoleBinding when a user deploys a TempoStack or TempoMonolithic instance. This flaw allows a user with full access to their namespace to extract the ServiceAccount token and use it to submit TokenReview...

4.3CVSS0.00336EPSS
Exploits0References5
Rows per page
Query Builder