CVSS: 8.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-36542
https://notcve.org/view.php?id=CVE-2024-36542
Insecure permissions in kuma v2.7.0 allows attackers to access sensitive data and escalate privileges by obtaining the service account's token. • https://gist.github.com/HouqiyuA/e1685843b6f42b47dbf97e2e92e63428 • CWE-284: Improper Access Control •
CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-36536
https://notcve.org/view.php?id=CVE-2024-36536
Insecure permissions in fabedge v0.8.1 allows attackers to access sensitive data and escalate privileges by obtaining the service account's token. • https://gist.github.com/HouqiyuA/381f100f2ba82a8ada03994aac5bb2e8 • CWE-863: Incorrect Authorization •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-36541
https://notcve.org/view.php?id=CVE-2024-36541
Insecure permissions in logging-operator v4.6.0 allows attackers to access sensitive data and escalate privileges by obtaining the service account's token. • https://gist.github.com/HouqiyuA/f972d1c152f3b8127af01206f7c2af0d • CWE-276: Incorrect Default Permissions •
CVSS: 8.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-36538
https://notcve.org/view.php?id=CVE-2024-36538
Insecure permissions in chaos-mesh v2.6.3 allows attackers to access sensitive data and escalate privileges by obtaining the service account's token. • https://gist.github.com/HouqiyuA/f06d1fa07b5287b862c1e0b288f301e5 • CWE-278: Insecure Preserved Inherited Permissions •
CVSS: 7.2EPSS: 0%CPEs: -EXPL: 0CVE-2024-36537
https://notcve.org/view.php?id=CVE-2024-36537
Insecure permissions in cert-manager v1.14.4 allows attackers to access sensitive data and escalate privileges by obtaining the service account's token. • https://gist.github.com/HouqiyuA/27879a6366a65fcd5f6c6fcbcf68d8e3 • CWE-284: Improper Access Control •