漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Mounted Kubernetes Secrets under a predictable path located within the web server document root
Vulnerability Description
Three Bitnami Helm charts mount Kubernetes Secrets under a predictable path (/opt/bitnami/*/secrets) that is located within the web server document root. In affected versions, this can lead to unauthenticated access to sensitive credentials via HTTP/S. A remote attacker could retrieve these secrets by accessing specific URLs if the application is exposed externally. The issue affects deployments using the default value of usePasswordFiles=true, which mounts secrets as files into the container filesystem.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Vulnerability Type
N/A
Vulnerability Title
Rucio Helm Charts 安全漏洞
Vulnerability Description
Rucio Helm Charts是rucio开源的一个Rucio的库。 Rucio Helm Charts存在安全漏洞,该漏洞源于Kubernetes Secrets挂载路径可预测,可能导致未授权访问敏感凭据。
CVSS Information
N/A
Vulnerability Type
N/A