PT-2024-24534 · Carina · Carina
Houqiyua
·
Published
2024-05-02
·
Updated
2024-07-03
·
CVE-2024-32359
CVSS v3.1
6.9
Medium
| Vector | AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:H |
Name of the Vulnerable Software and Affected Versions
Carina versions 0.13.0 and earlier
Description
An RBAC authorization risk allows local attackers to execute arbitrary code through designed commands to obtain the secrets of the entire cluster and further take over the cluster.
Recommendations
For Carina versions 0.13.0 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Improper Authorization
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Carina