CVE-2024-32359

Published May 2nd, 2024

View on NVD ↗

CVSS v3

6.9

MEDIUM

CVSS v2

N/A

Affected

PROJECTS

Description

An RBAC authorization risk in Carina v0.13.0 and earlier allows local attackers to execute arbitrary code through designed commands to obtain the secrets of the entire cluster and further take over the cluster.

HouqiyuA/k8s-rbac-poc

GitHub

carina-io/carina

Carina: an high performance and ops-free local storage for kubernetes

GitHub

722