exploitDog

GHSA-wm78-66mj-jh7h

Опубликовано: 21 мар. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 7.4

Описание

Insecure permissions in kuadrant v0.11.3 allow attackers to gain access to the service account's token, leading to escalation of privileges via the secretes component in the k8s cluster

Insecure permissions in kuadrant v0.11.3 allow attackers to gain access to the service account's token, leading to escalation of privileges via the secretes component in the k8s cluster

Ссылки

EPSS

Процентиль: 23%

0.00078

Низкий

7.4 High

CVSS3

CVE ID

Дефекты

CWE-269

Связанные уязвимости

CVE-2024-53349

CVSS3: 7.4

nvd

11 месяцев назад

Insecure permissions in kuadrant v0.11.3 allow attackers to gain access to the service account's token, leading to escalation of privileges via the secretes component in the k8s cluster

EPSS

Процентиль: 23%

0.00078

Низкий

7.4 High

CVSS3

CVE ID

Дефекты

CWE-269