Описание
A flaw was found in the Hive ClusterDeployments resource in OpenShift Dedicated. In certain conditions, this issue may allow a developer account on a Hive-enabled cluster to obtain cluster-admin privileges by executing arbitrary commands on the hive/hive-controllers pod.
EPSS
Процентиль: 48%
0.00248
Низкий
8.8 High
CVSS3
Дефекты
CWE-284
Связанные уязвимости
CVSS3: 8.8
github
около 1 года назад
OpenShift Hive RCE through AWS/Kubernetes client configuration leads to privilege escalation
EPSS
Процентиль: 48%
0.00248
Низкий
8.8 High
CVSS3
Дефекты
CWE-284