exploitDog

CVE-2025-23260

Опубликовано: 24 июн. 2025

Источник: nvd

CVSS3: 5

CVSS3: 4.3

EPSS Низкий

Описание

NVIDIA AIStore contains a vulnerability in the AIS Operator where a user may gain elevated k8s cluster access by using the ServiceAccount attached to the ClusterRole. A successful exploit of this vulnerability may lead to information disclosure.

Ссылки

https://nvidia.custhelp.com/app/answers/detail/a_id/5660
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:nvidia:aistore:*:*:*:*:*:kubernetes:*:*

Версия до 2.3.0 (исключая)

EPSS

Процентиль: 11%

0.00037

Низкий

5 Medium

CVSS3

4.3 Medium

CVSS3

Дефекты

CWE-266

Связанные уязвимости

GHSA-r38f-qm5h-p64x

CVSS3: 5

github

8 месяцев назад

NVIDIA AIStore contains a vulnerability in the AIS Operator where a user may gain elevated k8s cluster access by using the ServiceAccount attached to the ClusterRole. A successful exploit of this vulnerability may lead to information disclosure.

EPSS

Процентиль: 11%

0.00037

Низкий

5 Medium

CVSS3

4.3 Medium

CVSS3

Дефекты

CWE-266