Lucene search
K

148 matches found

The Hacker News
The Hacker News
added 2024/04/10 11:0 a.m.30 views

Hands-on Review: Cynomi AI-powered vCISO Platform

The need for vCISO services is growing. SMBs and SMEs are dealing with more third-party risks, tightening regulatory demands and stringent cyber insurance requirements than ever before. However, they often lack the resources and expertise to hire an in-house security executive team. By outsourcin...

7.5AI score
Exploits0
OSV
OSV
added 2024/03/06 10:55 a.m.15 views

BIT-KUSTOMIZE-2022-24817 Improper kubeconfig validation allows arbitrary code execution

Flux2 is an open and extensible continuous delivery solution for Kubernetes. Flux2 versions between 0.1.0 and 0.29.0, helm-controller 0.1.0 to v0.19.0, and kustomize-controller 0.1.0 to v0.23.0 are vulnerable to Code Injection via malicious Kubeconfig. In multi-tenancy deployments this can also...

9.9CVSS9.6AI score0.01044EPSS
Exploits0References2
OSV
OSV
added 2024/03/06 10:55 a.m.18 views

BIT-KUSTOMIZE-2022-24877 Improper path handling in kustomization files allows path traversal

Flux is an open and extensible continuous delivery solution for Kubernetes. Path Traversal in the kustomize-controller via a malicious kustomization.yaml allows an attacker to expose sensitive data from the controller’s pod filesystem and possibly privilege escalation in multi-tenancy deployments...

9.9CVSS9AI score0.01108EPSS
Exploits0References2
OSV
OSV
added 2024/03/06 10:53 a.m.34 views

BIT-HELM-2022-36049 Flux2 Helm Controller denial of service

Flux2 is a tool for keeping Kubernetes clusters in sync with sources of configuration, and Flux's helm-controller is a Kubernetes operator that allows one to declaratively manage Helm chart releases. Helm controller is tightly integrated with the Helm SDK. A vulnerability found in the Helm SDK th...

7.7CVSS6.7AI score0.01045EPSS
Exploits0References5
OSV
OSV
added 2024/03/06 10:51 a.m.9 views

BIT-EJBCA-2021-40088

An issue was discovered in PrimeKey EJBCA before 7.6.0. CMP RA Mode can be configured to use a known client certificate to authenticate enrolling clients. The same RA client certificate is used for revocation requests as well. While enrollment enforces multi tenancy constraints by verifying that...

5.4CVSS5.4AI score0.0036EPSS
Exploits0References2
NVD
NVD
added 2023/11/06 7:15 p.m.45 views

CVE-2023-46254

capsule-proxy is a reverse proxy for Capsule kubernetes multi-tenancy framework. A bug in the RoleBinding reflector used by capsule-proxy gives ServiceAccount tenant owners the right to list Namespaces of other tenants backed by the same owner kind and name. For example consider two tenants solar...

4.3CVSS4.7AI score0.00415EPSS
Exploits0References2
Prion
Prion
added 2023/11/06 7:15 p.m.25 views

Privilege escalation

capsule-proxy is a reverse proxy for Capsule kubernetes multi-tenancy framework. A bug in the RoleBinding reflector used by capsule-proxy gives ServiceAccount tenant owners the right to list Namespaces of other tenants backed by the same owner kind and name. For example consider two tenants solar...

4CVSS7.2AI score0.00415EPSS
Exploits0References2Affected Software2
CVE
CVE
added 2023/11/06 6:34 p.m.59 views

CVE-2023-46254

Capsule-proxy (Capsule Kubernetes multi-tenancy) contains a bug in the RoleBinding reflector that allows ServiceAccount tenants to list Namespaces owned by other tenants when two tenants share the same ServiceAccount name in different namespaces, under specific conditions (capsule-proxy running w...

4.3CVSS4.6AI score0.00415EPSS
Exploits0References2Affected Software2
OSV
OSV
added 2023/11/06 6:34 p.m.36 views

CVE-2023-46254 Service accounts can see namespaces of other tenants in capsule-proxy

capsule-proxy is a reverse proxy for Capsule kubernetes multi-tenancy framework. A bug in the RoleBinding reflector used by capsule-proxy gives ServiceAccount tenant owners the right to list Namespaces of other tenants backed by the same owner kind and name. For example consider two tenants solar...

4.3CVSS5AI score0.00415EPSS
Exploits0References4
Cvelist
Cvelist
added 2023/11/06 6:34 p.m.47 views

CVE-2023-46254 Service accounts can see namespaces of other tenants in capsule-proxy

capsule-proxy is a reverse proxy for Capsule kubernetes multi-tenancy framework. A bug in the RoleBinding reflector used by capsule-proxy gives ServiceAccount tenant owners the right to list Namespaces of other tenants backed by the same owner kind and name. For example consider two tenants solar...

4.3CVSS5AI score0.00415EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/09/01 12:0 a.m.20 views

Cisco APIC Unauthorized Policy Actions (cisco-sa-apic-uapa-F4TAShk)

A vulnerability in the restricted security domain implementation of Cisco Application Policy Infrastructure Controller APIC could allow an authenticated, remote attacker to read, modify, or delete non-tenant policies for example, access policies created by users associated with a different securi...

5.4CVSS5.9AI score0.00333EPSS
Exploits0References3
CNVD
CNVD
added 2023/08/30 12:0 a.m.10 views

Cisco Application Policy Infrastructure Controller Access Control Error Vulnerability (CNVD-2024-23322)

Cisco Application Policy Infrastructure Controller APIC is an automated infrastructure deployment and governance solution from Cisco. The Cisco Application Policy Infrastructure Controller suffers from an access control error vulnerability that stems from improper access control when using a...

5.4CVSS6.6AI score0.00333EPSS
Exploits0References1
OSV
OSV
added 2023/08/23 7:15 p.m.3 views

CVE-2023-20230

A vulnerability in the restricted security domain implementation of Cisco Application Policy Infrastructure Controller APIC could allow an authenticated, remote attacker to read, modify, or delete non-tenant policies for example, access policies created by users associated with a different securi...

5.4CVSS5.8AI score
Exploits0References1
Prion
Prion
added 2023/08/23 7:15 p.m.26 views

Improper access control

A vulnerability in the restricted security domain implementation of Cisco Application Policy Infrastructure Controller APIC could allow an authenticated, remote attacker to read, modify, or delete non-tenant policies for example, access policies created by users associated with a different securi...

5.5CVSS5.5AI score0.00333EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/08/23 6:21 p.m.17 views

CVE-2023-20230

A vulnerability in the restricted security domain implementation of Cisco Application Policy Infrastructure Controller APIC could allow an authenticated, remote attacker to read, modify, or delete non-tenant policies for example, access policies created by users associated with a different securi...

5.4CVSS5.7AI score0.00333EPSS
Exploits0References1
CVE
CVE
added 2023/08/23 6:21 p.m.2545 views

CVE-2023-20230

CVE-2023-20230 affects Cisco Application Policy Infrastructure Controller (APIC). The issue arises from improper access control in the restricted security domain implementation used to enforce multi-tenancy, allowing an authenticated, remote attacker with a restricted-domain account to read, modi...

5.4CVSS5.5AI score0.00333EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/07/12 12:0 a.m.4 views

Apache Pulsar 安全漏洞

Apache Pulsar is the United States Apache Apache Foundation for cloud environments, set of messages, storage, lightweight functional computing as one of the distributed message flow platform. The software supports multi-tenancy, persistent storage, multi-room cross-region data replication, and...

9.6CVSS8.2AI score0.01043EPSS
Exploits0References2
Rapid7 Blog
Rapid7 Blog
added 2023/06/28 4:18 p.m.19 views

Rapid7 Solutions for Partners

Central to our mission at Rapid7 is building long-term relationships with partners who deliver valuable security solutions to customers. As customers increasingly seek managed services to meet their security needs, we've eagerly expanded our partner ecosystem to support a rapidly growing body of...

6.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/03/28 12:0 a.m.46 views

CBL Mariner 2.0 Security Update: helm (CVE-2022-36049)

The version of helm installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-36049 advisory. - Flux2 is a tool for keeping Kubernetes clusters in sync with sources of configuration, and Flux's helm-...

7.7CVSS7.4AI score0.01045EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2023/03/07 12:0 a.m.5 views

The vulnerability in applications for creating reports using TIBCO JasperReports Server, TIBCO JasperReports Server Community Edition, TIBCO JasperReports Server for ActiveMatrix BPM, TIBCO Jaspersoft for AWS with Multi-Tenancy, and TIBCO Jaspersoft Reporting and Analytics for AWS arises due to an incorrect path name limitation in the restricted directory. This allows attackers to disclose sensitive information.

The vulnerability of applications for generating reports with TIBCO JasperReports Server, TIBCO JasperReports Server Community Edition, TIBCO JasperReports Server for ActiveMatrix BPM, TIBCO Jaspersoft for AWS with Multi-Tenancy, and TIBCO Jaspersoft Reporting and Analytics for AWS exists due to ...

7.7CVSS7.4AI score0.48753EPSS
Exploits2References3Affected Software5
Rows per page
Query Builder