Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:46762
HistoryMay 06, 2024 - 9:36 a.m.

Improper Cluster Permissions

2024-05-0609:36:08
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
6
vulnerability
inadequate permission
local attacker
arbitrary code
crafted command
token

7.5 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.0%

karmada-io karmada is vulnerable to Improper Cluster Permissions. The vulnerability is due to inadequate cluster permission which allows a local attacker to execute arbitrary code via a crafted command to get the token.

7.5 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.0%