16 matches found
EUVD-2024-3090
Malicious code in bioql PyPI...
CVE-2024-46528
An Insecure Direct Object Reference IDOR vulnerability in KubeSphere 4.x before 4.1.3 and 3.x through 3.4.1 and KubeSphere Enterprise 4.x before 4.1.3 and 3.x through 3.5.0 allows low-privileged authenticated attackers to access sensitive resources without proper authorization checks...
KubeSphere 3.4.0 Insecure Direct Object Reference
KubeSphere version 3.4.0 and KubeSphere Enterprise version 4.1.1 suffer from an insecure direct object reference vulnerability. Exploit Title: IDOR Vulnerability in KubeSphere v3.4.0 & KubeSphere Enterprise v4.1.1 Date: 3 September Exploit Author: Okan Kurtulus Vendor Homepage:...
KubeSphere 3.4.0 - Insecure Direct Object Reference (IDOR)
Exploit Title: KubeSphere 3.4.0 - Insecure Direct Object Reference IDOR Date: 3 September Exploit Author: Okan Kurtulus Vendor Homepage: https://kubesphere.io Software Link: https://github.com/kubesphere/kubesphere Version: = 4.0.0 & = 3.0.0 & 3.4.1 Tested on: Ubuntu 22.04 CVE : CVE-2024-46528 1-...
Insecure Direct Object Reference (IDOR)
github.com/kubesphere/kubesphere is vulnerable to Insecure Direct Object Reference IDOR. The vulnerability is due to missing proper authorization checks, which allow low-privileged authenticated attackers to access sensitive resources directly...
SUSE CVE-2024-46528
An Insecure Direct Object Reference IDOR vulnerability in KubeSphere 4.x before 4.1.3 and 3.x through 3.4.1 and KubeSphere Enterprise 4.x before 4.1.3 and 3.x through 3.5.0 allows low-privileged authenticated attackers to access sensitive resources without proper authorization checks...
GO-2024-3248 KubeSphere IDOR vulnerability in github.com/kubesphere/kubesphere
An Insecure Direct Object Reference IDOR vulnerability in KubeSphere allows low-privileged authenticated attackers to access sensitive resources without proper authorization checks. NOTE: A fix is expected in v4.1.3 in January 2025...
GHSA-P26R-GFGC-C47H KubeSphere IDOR vulnerability
An Insecure Direct Object Reference IDOR vulnerability in KubeSphere v3.4.1 and v4.1.1 allows low-privileged authenticated attackers to access sensitive resources without proper authorization checks...
KubeSphere IDOR vulnerability
An Insecure Direct Object Reference IDOR vulnerability in KubeSphere v3.4.1 and v4.1.1 allows low-privileged authenticated attackers to access sensitive resources without proper authorization checks...
CVE-2024-46528
An Insecure Direct Object Reference IDOR vulnerability in KubeSphere 4.x before 4.1.3 and 3.x through 3.4.1 and KubeSphere Enterprise 4.x before 4.1.3 and 3.x through 3.5.0 allows low-privileged authenticated attackers to access sensitive resources without proper authorization checks...
CVE-2024-46528
An Insecure Direct Object Reference IDOR vulnerability in KubeSphere 4.x before 4.1.3 and 3.x through 3.4.1 and KubeSphere Enterprise 4.x before 4.1.3 and 3.x through 3.5.0 allows low-privileged authenticated attackers to access sensitive resources without proper authorization checks...
PT-2024-32021 · Unknown · Kubesphere +1
Name of the Vulnerable Software and Affected Versions: KubeSphere versions 3.x through 3.4.1 KubeSphere versions 4.x through 4.1.1 KubeSphere Enterprise versions 3.x through 3.5.0 KubeSphere Enterprise versions 4.x through 4.1.3 Description: An Insecure Direct Object Reference IDOR vulnerability...
CVE-2024-46528
An Insecure Direct Object Reference IDOR vulnerability in KubeSphere 4.x before 4.1.3 and 3.x through 3.4.1 and KubeSphere Enterprise 4.x before 4.1.3 and 3.x through 3.5.0 allows low-privileged authenticated attackers to access sensitive resources without proper authorization checks...
CVE-2024-46528
An Insecure Direct Object Reference IDOR vulnerability in KubeSphere 4.x before 4.1.3 and 3.x through 3.4.1 and KubeSphere Enterprise 4.x before 4.1.3 and 3.x through 3.5.0 allows low-privileged authenticated attackers to access sensitive resources without proper authorization checks...
KubeSphere 安全漏洞
KubeSphere is KubeSphere open source a distributed operating system built on top of Kubernetes for cloud-native applications. A security vulnerability exists in KubeSphere version v3.4.1 and v4.1.1. An attacker can exploit the vulnerability to access sensitive resources...
CVE-2024-46528
CVE-2024-46528 is an Insecure Direct Object Reference (IDOR) vulnerability in KubeSphere 4.x before 4.1.3 and 3.x through 3.4.1, including KubeSphere Enterprise 4.x before 4.1.3 and 3.x through 3.5.0. The vulnerability allows low-privileged authenticated attackers to access sensitive resources wi...