Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An incorrect access control flaw was found in the kiali-operator in versions before 1.33.0 and before 1.24.7. This flaw allows an attacker with a basic level of access to the cluster (to deploy a kiali operand) to use this vulnerability and deploy a given image to anywhere in the cluster, potentially gaining access to privileged service account tokens. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVSS Information
N/A
Vulnerability Type
权限预留不恰当
Vulnerability Title
Kiali-operator 安全漏洞
Vulnerability Description
kiali-operator是一个应用软件。用于构建操作员图像并将构建的图像推送到Quay.io。 Kiali-operator 存在安全漏洞。攻击者可通过该漏洞将给定的映像部署到群集中的任何位置,从而有可能获得对特权服务帐户令牌的访问权限。
CVSS Information
N/A
Vulnerability Type
N/A