PT-2025-12431 · Kuadrant · Kuadrant

Published

2025-03-21

Updated

2025-03-22

CVE-2024-53349

CVSS v3.1

7.4

High

Vector

AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

Name of the Vulnerable Software and Affected Versions kuadrant version 0.11.3

Description The issue is related to insecure permissions, allowing attackers to gain access to the service account's token. This can lead to escalation of privileges via the secrets component in the k8s cluster.

Recommendations For kuadrant version 0.11.3, update to a version that fixes the insecure permissions issue to prevent attackers from gaining access to the service account's token.

Fix

Improper Privilege Management

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-269

Related Identifiers

CVE-2024-53349

Affected Products

Kuadrant

PT-2025-12431 · Kuadrant · Kuadrant

CVE-2024-53349

Weakness Enumeration

Related Identifiers

Affected Products

References · 8