CVE-2021-36779

Published December 17th, 2021

View on NVD ↗

CVSS v3

9.6

CRITICAL

CVSS v2

8.3

HIGH

Affected

PROJECT

Description

A Missing Authentication for Critical Function vulnerability in SUSE Longhorn allows any workload in the cluster to execute any binary present in the image on the host without authentication. This issue affects: SUSE Longhorn longhorn versions prior to 1.1.3; longhorn versions prior to 1.2.3.

longhorn/longhorn

Cloud-Native distributed storage built on and for Kubernetes

GitHub

7.81K