Описание
A flaw was found in the Skupper operator, which may permit a certain configuration to create a service account that would allow an authenticated attacker in the adjacent cluster to view deployments in all namespaces in the cluster. This issue permits unauthorized viewing of information outside of the user's purview.
Ссылки
- Vendor Advisory
- Vendor Advisory
- Issue Tracking
- Vendor Advisory
- Vendor Advisory
- Issue Tracking
Уязвимые конфигурации
Одновременно
EPSS
6.8 Medium
CVSS3
4.1 Medium
CVSS3
Дефекты
Связанные уязвимости
A flaw was found in the Skupper operator, which may permit a certain configuration to create a service account that would allow an authenticated attacker in the adjacent cluster to view deployments in all namespaces in the cluster. This issue permits unauthorized viewing of information outside of the user's purview.
Уязвимость пакета Skupper программного средства Red Hat Service Interconnect, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
EPSS
6.8 Medium
CVSS3
4.1 Medium
CVSS3