Описание
In Lens prior to 5.3.4, custom helm chart configuration creates helm commands from string concatenation of provided arguments which are then executed in the user's shell. Arguments can be provided which cause arbitrary shell commands to run on the system.
Ссылки
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 5.3.3 (включая)
cpe:2.3:a:mirantis:lens:*:*:*:*:*:*:*:*
EPSS
Процентиль: 36%
0.00153
Низкий
6.3 Medium
CVSS3
7.8 High
CVSS3
9.3 Critical
CVSS2
Дефекты
CWE-94
CWE-78
Связанные уязвимости
github
около 4 лет назад
In Lens prior to 5.3.4, custom helm chart configuration creates helm commands from string concatenation of provided arguments which are then executed in the user's shell. Arguments can be provided which cause arbitrary shell commands to run on the system.
EPSS
Процентиль: 36%
0.00153
Низкий
6.3 Medium
CVSS3
7.8 High
CVSS3
9.3 Critical
CVSS2
Дефекты
CWE-94
CWE-78