ГлавнаяУязвимости → CVE-2024-53349
7.4высокая

CVE-2024-53349

Описание

Insecure permissions in kuadrant v0.11.3 allow attackers to gain access to the service account's token, leading to escalation of privileges via the secretes component in the k8s cluster

Затрагиваемое ПО
Linuxfoundation Kuadrant
CVSS
Балл7.4 — высокая
ВекторCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Источники
https://gist.github.com/HouqiyuA/2a34c8f95dac7d9d8d7df7732403f383https://github.com/Kuadrant/kuadrant-operatorhttps://www.cncf.io/projects/kuadrant/