Lucene search
K

9 matches found

NVD
NVD
added 2023/06/05 10:15 p.m.43 views

CVE-2023-3027

The grc-policy-propagator allows security escalation within the cluster. The propagator allows policies which contain some dynamically obtained values instead of the policy apply a static manifest on a managed cluster of taking advantage of cluster scoped access in a created policy. This feature...

7.8CVSS7.7AI score0.00198EPSS
Exploits0References1
OSV
OSV
added 2023/06/05 10:15 p.m.4 views

CVE-2023-3027

The grc-policy-propagator allows security escalation within the cluster. The propagator allows policies which contain some dynamically obtained values instead of the policy apply a static manifest on a managed cluster of taking advantage of cluster scoped access in a created policy. This feature...

7.8CVSS5.8AI score0.00198EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2023/06/05 10:15 p.m.4 views

CVE-2023-3027

The grc-policy-propagator allows security escalation within the cluster. The propagator allows policies which contain some dynamically obtained values instead of the policy apply a static manifest on a managed cluster of taking advantage of cluster scoped access in a created policy. This feature...

7.8CVSS7.1AI score0.00198EPSS
Exploits0References2
Prion
Prion
added 2023/06/05 10:15 p.m.19 views

Code injection

The grc-policy-propagator allows security escalation within the cluster. The propagator allows policies which contain some dynamically obtained values instead of the policy apply a static manifest on a managed cluster of taking advantage of cluster scoped access in a created policy. This feature...

4.3CVSS7.8AI score0.00198EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/06/05 12:0 a.m.42 views

CVE-2023-3027

The grc-policy-propagator allows security escalation within the cluster. The propagator allows policies which contain some dynamically obtained values instead of the policy apply a static manifest on a managed cluster of taking advantage of cluster scoped access in a created policy. This feature...

7.9AI score0.00198EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/06/05 12:0 a.m.10 views

CVE-2023-3027

The grc-policy-propagator allows security escalation within the cluster. The propagator allows policies which contain some dynamically obtained values instead of the policy apply a static manifest on a managed cluster of taking advantage of cluster scoped access in a created policy. This feature...

7.3AI score0.00198EPSS
Exploits0References1
CVE
CVE
added 2023/06/05 12:0 a.m.75 views

CVE-2023-3027

The vulnerability CVE-2023-3027 affects Red Hat Advanced Cluster Management for Kubernetes (ACM) where the grc-policy-propagator can perform privilege escalation by evaluating policies that pull dynamically obtained values, allowing access beyond the policy’s namespace. Root cause: policy propaga...

7.8CVSS7.6AI score0.00198EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2023/06/01 4:7 a.m.44 views

CVE-2023-3027

The grc-policy-propagator allows security escalation within the cluster. The propagator allows policies which contain some dynamically obtained values instead of the policy apply a static manifest on a managed cluster of taking advantage of cluster scoped access in a created policy. This feature...

7.8CVSS6.6AI score0.00198EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/05/31 12:0 a.m.4 views

Red Hat Advanced Cluster Management for Kubernetes 安全漏洞

Red Hat Advanced Cluster Management for Kubernetes is an advanced cluster management platform for Kubernetes from Red Hat, Inc. The platform provides features that offer policy-based governance and extended application lifecycle management. A security vulnerability exists in Red Hat Advanced...

7.8CVSS7.3AI score0.00198EPSS
Exploits0References4
Rows per page
Query Builder