Описание
A flaw was found in the Submariner project. Due to unnecessary role-based access control permissions, a privileged attacker can run a malicious container on a node that may allow them to steal service account tokens and further compromise other nodes and potentially the entire cluster.
Ссылки
EPSS
6.6 Medium
CVSS3
Дефекты
Связанные уязвимости
A flaw was found in the Submariner project. Due to unnecessary role-based access control permissions, a privileged attacker can run a malicious container on a node that may allow them to steal service account tokens and further compromise other nodes and potentially the entire cluster.
Submariner Operator sets unnecessary RBAC permissions
Уязвимость программного обеспечения взаимодействия модулей и служб в кластерах Kubernetes Submariner Operator, связанная с ошибками при управлении привилегиями, позволяющая нарушителю запустить на узле произвольный контейнер
EPSS
6.6 Medium
CVSS3