github.com/piraeusdatastore/piraeus-operator is vulnerable to Improper access control. The vulnerability is due to the ClusterRole
being granted excessive permissions, specifically the ability to list all secrets in the cluster, which allows an attacker to impersonate the service account bound to this ClusterRole
and list confidential information across the cluster.
CPE | Name | Operator | Version |
---|---|---|---|
github.com/piraeusdatastore/piraeus-operator | le | v2.4.0 | |
github.com/piraeusdatastore/piraeus-operator | le | v2.4.0 |