CVE-2024-6840 - Ansible Automation Controller Service Account Token Privilege Escalation Vulnerability

1 month ago 18
ARTICLE AD BOX
CVE ID : CVE-2024-6840
Published : Sept. 12, 2024, 5:15 p.m. | 24 minutes ago
Description : An improper authorization flaw exists in the Ansible Automation Controller. This flaw allows an attacker using the k8S API server to send an HTTP request with a service account token mounted via `automountServiceAccountToken: true`, resulting in privilege escalation to a service account.
Severity: 6.6 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Read Entire Article
  1. Homepage
  2. CVEs
  3. CVE-2024-6840 - Ansible Automation Controller Service Account Token Privilege Escalation Vulnerability

Related

CVE-2024-43577 - Microsoft Edge (Chromium-based) Session Hijacking

CVE-2024-43577 - Microsoft Edge (Chromium-based) Session Hij...

1 hour ago 2
CVE-2024-29213 - Ivanti DSM Local Privilege Escalation Vulnerability

CVE-2024-29213 - Ivanti DSM Local Privilege Escalation Vulne...

1 hour ago 2
CVE-2024-29821 - Ivanti DSM Escalation of Privilege Vulnerability

CVE-2024-29821 - Ivanti DSM Escalation of Privilege Vulnerab...

1 hour ago 2

Trending

1. Duke football
2. Andrew Garfield
3. F1
4. Taylor Swift Miami
5. BYU football
6. Purdue football
7. Netflix stock
8. Jay Cutler
9. Jim Gaffigan
10. Dalton Knecht

Popular

CVE-2024-6343 - Zyxel ATP, USG FLEX, USG FLEX 50(W), USG20(W)-VPN Buffer Overflow Denial of Service

CVE-2024-6343 - Zyxel ATP, USG FLEX, USG FLEX 50(W), USG20(W...

1 month ago 142
CVE-2024-5053 - Fluent Forms Mailchimp API Key Update Weakness

CVE-2024-5053 - Fluent Forms Mailchimp API Key Update Weakne...

1 month ago 129
CVE-2024-8367 - HM Courts & Tribunals Service Probate Back Office Markdown Handler Injection Vulnerability

CVE-2024-8367 - HM Courts & Tribunals Service Probate Back O...

1 month ago 93
CVE-2024-44946 - Linux KCM kcm_sendmsg() UAF

CVE-2024-44946 - Linux KCM kcm_sendmsg() UAF

1 month ago 72
CVE-2024-8368 - "Code-projects Hospital Management System SQL Injection Vulnerability"

CVE-2024-8368 - "Code-projects Hospital Management System SQ...

1 month ago 69
English (US) English (US) ·
About Us · Contact Us · Terms & Conditions · Tools ·

© Intel85 - OSINT Search Engine 2024. All rights are reserved