CVE-2024-43403 : KANISTERIO KANISTER UP TO 0.110.0 CREATE/PATCH/UPDATE PRIVILEGES MANAGEMENT

Description

Kanister is a data protection workflow management tool. Kanister has a deployment called default-kanister-operator, which is bound to a ClusterRole called edit via a ClusterRoleBinding. The "edit" ClusterRole is one of the ClusterRoles Kubernetes creates by default, and it grants the create/patch/update verbs on daemonset resources, the create verb on serviceaccount/token resources, and the impersonate verb on serviceaccounts resources. A malicious user with access to the worker node that runs this component can leverage these permissions to achieve cluster-level privilege escalation.
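As an added defender-side check, not code from Kanister or Kubernetes, the following Python flags the permissions the description names when a role's rules grant them; the `edit` excerpt and the reduced comparison role are constructed for the example and only cover the rules relevant here.

```python
# Added audit example (not Kanister's or Kubernetes' code): flag the RBAC
# permissions that CVE-2024-43403 relies on in a ClusterRole's rules.

# (apiGroup, resource) -> verbs named in the advisory as enabling escalation.
RISKY = {
    ("apps", "daemonsets"): {"create", "patch", "update"},
    ("", "serviceaccounts/token"): {"create"},
    ("", "serviceaccounts"): {"impersonate"},
}

# Constructed excerpt of the default `edit` ClusterRole, reduced to the rules
# relevant here; the real role grants many more.
EDIT_CLUSTERROLE = {
    "metadata": {"name": "edit"},
    "rules": [
        {"apiGroups": ["apps"], "resources": ["daemonsets", "deployments"],
         "verbs": ["create", "delete", "get", "list", "patch", "update", "watch"]},
        {"apiGroups": [""], "resources": ["serviceaccounts/token"], "verbs": ["create"]},
        {"apiGroups": [""], "resources": ["serviceaccounts"], "verbs": ["impersonate"]},
    ],
}

# Constructed least-privilege role for comparison: read-only on what it needs.
REDUCED_ROLE = {
    "metadata": {"name": "kanister-operator-reduced"},
    "rules": [
        {"apiGroups": ["apps"], "resources": ["deployments"], "verbs": ["get", "list", "watch"]},
        {"apiGroups": [""], "resources": ["pods"], "verbs": ["get", "list", "watch"]},
    ],
}


def _rule_allows(rule, group, resource, verb):
    """True if one RBAC rule grants verb on group/resource ('*' matches anything)."""
    groups, resources = rule.get("apiGroups", []), rule.get("resources", [])
    verbs = rule.get("verbs", [])
    return (("*" in groups or group in groups)
            and ("*" in resources or resource in resources)
            and ("*" in verbs or verb in verbs))


def risky_permissions(role):
    """Sorted (group, resource, verb) triples from RISKY that the role grants."""
    found = set()
    for (group, resource), verbs in RISKY.items():
        for verb in verbs:
            if any(_rule_allows(r, group, resource, verb) for r in role.get("rules", [])):
                found.add((group, resource, verb))
    return sorted(found)
```

Running `risky_permissions` over every ClusterRole bound to an operator's ServiceAccount gives a quick list of bindings to tighten; an empty result for the reduced role shows the target state.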

References

https://github.com/kanisterio/kanister/security/advisories/GHSA-h27c-6xm3-mcqp

https://github.com/kanisterio/kanister/blob/master/helm/kanister-operator/templates/rbac.yaml#L49


CVE-2024-49602 : DELL POWERSCALE ONEFS UP TO 9.4.0.19/9.5.1.0/9.7.1.2/9.8.0.0 MULTIPLE UNLOCKS OF A CRITICAL RESOURCE


Description

Dell PowerScale OneFS Versions 8.2.2.x through 9.8.0.x contain an improper resource unlocking vulnerability. A remote low privileged attacker could

CVE-2024-53490 : CLOUDFAVORITES FAVORITES-WEB 1.3.0 SECURITYFILTER.JAVA PATH TRAVERSAL


Description

Favorites-web 1.3.0 has a directory traversal vulnerability in SecurityFilter.java.

References

https://github.com/DYX217/directory-traversal

CVE-2024-54679 : CYBERPANEL RESTARTMYSQL DENIAL OF SERVICE


Description

CyberPanel (aka Cyber Panel) before 6778ad1 does not require the FilemanagerAdmin capability for restartMySQL actions.

References

https://github.com/usmannasir/cyberpanel/commit/6778ad1eaae41f72365da8fd021f9a60369600dc