github.com/clusternet/clusternet is vulnerable to Privilege Escalation. The vulnerability exists because the clusternet_agent_rbac.yaml
does not properly initialize the verbs
role, which allows an attacker to access to the worker node which runs the clusternet and leverage the service account to do malicious actions critical to system resources
CPE | Name | Operator | Version |
---|---|---|---|
github.com/clusternet/clusternet | le | v0.15.1 | |
github.com/clusternet/clusternet | le | v0.15.1 |