Lucene search
Veracode Vulnerability DatabaseVERACODE:36339HistoryJul 13, 2022 - 9:50 a.m.
Privilege Escalation
2022-07-1309:50:56
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
14
github kubernetes iam privilege escalation vulnerability authorization attacker modify privileges software
EPSS
0.001
Percentile
37.0%
github.com/kubernetes-sigs/aws-iam-authenticator is vulnerable to privilege escalation. The vulnerability exists due to a lack of verification of authorization allowing an attacker to modify the username in the allow-listed IAM identity and escalating its privileges.
Related
redhatcve
redhatcve
CVE-2022-2385
2022-07-14 08:21:31
osv
osv
aws-iam-authenticator allow-listed IAM identity may be able to modify their username, escalate privileges before v0.5.9 in sigs.k8s.io/aws-iam-authenticator
2024-08-21 15:11:36
aws-iam-authenticator allow-listed IAM identity may be able to modify their username, escalate privileges before v0.5.9
2022-07-13 00:00:41
CVE-2022-2385
2022-07-12 19:15:08
gitlab
gitlab
suse
suse
Security update for aws-iam-authenticator (important)
2022-07-29 00:00:00
cvelist
cvelist
CVE-2022-2385 AccessKeyID validation bypass
2022-07-12 14:25:10
prion
prion
Security feature bypass
2022-07-12 19:15:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2022:2583-1)
2022-08-01 00:00:00
openSUSE: Security Advisory for aws-iam-authenticator (SUSE-SU-2022:2583-1)
2022-07-30 00:00:00
nessus
nessus
SUSE SLES15 Security Update : aws-iam-authenticator (SUSE-SU-2022:2583-1)
2022-07-30 00:00:00
github
github
cve
cve
CVE-2022-2385
2022-07-12 19:15:08
nvd
nvd
CVE-2022-2385
2022-07-12 19:15:08