← back
CVE-2024-32359

CVE-2024-32359

CVSS 6.9 MEDIUMEPSS 0.2%CWE-285
An RBAC authorization risk in Carina v0.13.0 and earlier allows local attackers to execute arbitrary code through designed commands to obtain the secrets of the entire cluster and further take over the cluster.
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:H
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://carina.comhttps://gist.github.com/HouqiyuA/568d9857dab4ddba6b8b6a791e90f906https://github.com/carina-io/carinahttps://github.com/HouqiyuA/k8s-rbac-poc