Описание
A privilege escalation flaw was found in the node restriction admission plugin of the kubernetes api server of OpenShift. A remote attacker who modifies the node role label could steer workloads from the control plane and etcd nodes onto different worker nodes and gain broader access to the cluster.
Отчет
In order to exploit this flaw, an attacker must already have root access on a workload node.
Дополнительная информация
Статус:
EPSS
7.2 High
CVSS3
Связанные уязвимости
A privilege escalation flaw was found in the node restriction admission plugin of the kubernetes api server of OpenShift. A remote attacker who modifies the node role label could steer workloads from the control plane and etcd nodes onto different worker nodes and gain broader access to the cluster.
A privilege escalation flaw was found in the node restriction admission plugin of the kubernetes api server of OpenShift. A remote attacker who modifies the node role label could steer workloads from the control plane and etcd nodes onto different worker nodes and gain broader access to the cluster.
Уязвимость компонента Node Role Label Handler прикладного программного интерфейса корпоративной платформы Red Hat OpenShift Container Platform, позволяющая нарушителю повысить свои привилегии
EPSS
7.2 High
CVSS3