Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Nomad Vulnerable To Cross-Namespace Volume Creation Abusing CSI Write Permission
Vulnerability Description
Nomad Community and Nomad Enterprise ("Nomad") volume specification is vulnerable to arbitrary cross-namespace volume creation through unauthorized Container Storage Interface (CSI) volume writes. This vulnerability, identified as CVE-2024-10975, is fixed in Nomad Community Edition 1.9.2 and Nomad Enterprise 1.9.2, 1.8.7, and 1.7.15.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N
Vulnerability Type
授权机制不正确
Vulnerability Title
HCL Nomad 安全漏洞
Vulnerability Description
HCL Nomad是美国HCL公司的一款用于在移动设备中使用、管理Domino应用程序开发平台的应用程序。 HCL Nomad存在安全漏洞,该漏洞源于容易受到通过未经授权的容器存储接口(CSI)卷写入进行任意跨命名空间卷创建的攻击。
CVSS Information
N/A
Vulnerability Type
N/A