Houqiyua

**Name of the Vulnerable Software and Affected Versions** kuma version 2.7.0 **Description** The issue allows attackers to access sensitive data and escalate privileges by obtaining the service account's token due to insecure permissions. **Recommendations** For kuma version 2.7.0, update to a version that addresses the insecure permissions issue to prevent attackers from accessing sensitive data and escalating privileges.

**Name of the Vulnerable Software and Affected Versions** meshery version 0.7.51 **Description** The issue allows attackers to access sensitive data and escalate privileges by obtaining the service account's token due to insecure permissions. **Recommendations** For meshery version 0.7.51, update to a version that addresses the insecure permissions issue to prevent attackers from accessing sensitive data and escalating privileges.

**Name of the Vulnerable Software and Affected Versions** fabedge version 0.8.1 **Description** The issue concerns insecure permissions in fabedge, allowing attackers to access sensitive data and escalate privileges by obtaining the service account's token. **Recommendations** For fabedge version 0.8.1, update to a version that addresses the insecure permissions issue to prevent attackers from accessing sensitive data and escalating privileges.

**Name of the Vulnerable Software and Affected Versions** cert-manager version 1.14.4 **Description** The issue is related to insecure permissions, allowing attackers to access sensitive data and escalate privileges by obtaining the service account's token. **Recommendations** For cert-manager version 1.14.4, update to a version that addresses the insecure permissions issue to prevent attackers from accessing sensitive data and escalating privileges.

**Name of the Vulnerable Software and Affected Versions** chaos-mesh version 2.6.3 **Description** The issue allows attackers to access sensitive data and escalate privileges by obtaining the service account's token due to insecure permissions. **Recommendations** For chaos-mesh version 2.6.3, update to a version that addresses the insecure permissions issue to prevent attackers from accessing sensitive data and escalating privileges.

**Name of the Vulnerable Software and Affected Versions** contour version 1.28.3 **Description** The issue allows attackers to access sensitive data and escalate privileges by obtaining the service account's token due to insecure permissions. **Recommendations** For contour version 1.28.3, update the permissions to secure the service account's token and prevent unauthorized access.

**Name of the Vulnerable Software and Affected Versions** external-secrets version 0.9.16 **Description** The issue allows attackers to access sensitive data and escalate privileges by obtaining the service account's token due to insecure permissions. **Recommendations** For external-secrets version 0.9.16, update to a version that addresses the insecure permissions issue to prevent attackers from accessing sensitive data and escalating privileges.

**Name of the Vulnerable Software and Affected Versions** logging-operator version 4.6.0 **Description** The issue allows attackers to access sensitive data and escalate privileges by obtaining the service account's token due to insecure permissions. **Recommendations** For logging-operator version 4.6.0, consider restricting access to the service account's token as a temporary workaround until a patch is available.

**Name of the Vulnerable Software and Affected Versions** volcano version 1.8.2 **Description** The issue is related to insecure permissions, allowing attackers to access sensitive data and escalate privileges by obtaining the service account's token. This can be achieved through the `volcano.sh/volcano` endpoint. **Recommendations** For version 1.8.2, consider restricting access to the `volcano.sh/volcano` endpoint to minimize the risk of exploitation. Additionally, review and adjust the permissions to prevent unauthorized access to sensitive data and privilege escalation.

**Name of the Vulnerable Software and Affected Versions** hwameistor version 0.14.3 **Description** The issue allows attackers to access sensitive data and escalate privileges by obtaining the service account's token due to insecure permissions. **Recommendations** For hwameistor version 0.14.3, update to a newer version that addresses the insecure permissions issue to prevent attackers from accessing sensitive data and escalating privileges.

**Name of the Vulnerable Software and Affected Versions** kruise version 1.6.2 **Description** The issue is related to insecure permissions, allowing attackers to access sensitive data and escalate privileges by obtaining the service account's token. **Recommendations** For kruise version 1.6.2, update the permissions to restrict access to sensitive data and prevent privilege escalation. Consider temporarily restricting the service account's token access until a patch is available.

**Name of the Vulnerable Software and Affected Versions** piraeus-operator versions 2.5.0 and earlier **Description** The issue allows an attacker to impersonate the service account bound to a ClusterRole in piraeus-operator, which has been granted list secrets permission. This permission enables the attacker to list confidential information across the cluster, posing a high risk. **Recommendations** For piraeus-operator versions 2.5.0 and earlier, consider restricting the privileges of the ClusterRole to prevent an attacker from listing secrets. As a temporary workaround, consider disabling the list secrets permission for the ClusterRole until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** kubevirt versions 1.2.0 and earlier **Description** The issue allows a local attacker to execute arbitrary code via a crafted command to get the token component. This can be done by sending a crafted command to the `/kubevirt.io/kubevirt` API endpoint. The attacker can exploit this issue to gain unauthorized access and execute arbitrary code. **Recommendations** For versions 1.2.0 and earlier, consider disabling the `kubevirt` component until a patch is available. Restrict access to the `/kubevirt.io/kubevirt` API endpoint to minimize the risk of exploitation. Avoid using crafted commands to get the token component until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** karmada versions 1.9.0 and earlier **Description** The issue allows a local attacker to execute arbitrary code via a crafted command to get the `token` component. This is related to token handling and can be exploited for local privilege escalation. **Recommendations** For versions 1.9.0 and earlier, patch to the latest version to resolve the issue. As a temporary workaround, consider limiting permissions and investigating token handling to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Carina versions 0.13.0 and earlier **Description** An RBAC authorization risk allows local attackers to execute arbitrary code through designed commands to obtain the secrets of the entire cluster and further take over the cluster. **Recommendations** For Carina versions 0.13.0 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** spidernet-io spiderpool versions 0.9.3 and earlier **Description** An issue in spidernet-io spiderpool allows a local attacker to execute arbitrary code via a crafted command to get the `token` component. **Recommendations** For spidernet-io spiderpool versions 0.9.3 and earlier, consider restricting access to the token component until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.