CVE-2023-32194 - OpenShift Global Role Escalation: Namespaces Access Grant

1 month ago 14
ARTICLE AD BOX
CVE ID : CVE-2023-32194
Published : Oct. 16, 2024, 1:15 p.m. | 24 minutes ago
Description : A vulnerability has been identified when granting a create or * global role for a resource type of "namespaces"; no matter the API group, the subject will receive * permissions for core namespaces. This can lead to someone being capable of accessing, creating, updating, or deleting a namespace in the project.
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Read Entire Article