CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-36533
https://notcve.org/view.php?id=CVE-2024-36533
Insecure permissions in volcano v1.8.2 allows attackers to access sensitive data and escalate privileges by obtaining the service account's token. • https://gist.github.com/HouqiyuA/a0e05a26ecc80bd970ac4649faecc930 • CWE-1259: Improper Restriction of Security Token Assignment •
CVSS: 7.2EPSS: 0%CPEs: -EXPL: 0CVE-2024-36537
https://notcve.org/view.php?id=CVE-2024-36537
Insecure permissions in cert-manager v1.14.4 allows attackers to access sensitive data and escalate privileges by obtaining the service account's token. • https://gist.github.com/HouqiyuA/27879a6366a65fcd5f6c6fcbcf68d8e3 • CWE-284: Improper Access Control •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-36541
https://notcve.org/view.php?id=CVE-2024-36541
Insecure permissions in logging-operator v4.6.0 allows attackers to access sensitive data and escalate privileges by obtaining the service account's token. • https://gist.github.com/HouqiyuA/f972d1c152f3b8127af01206f7c2af0d • CWE-276: Incorrect Default Permissions •
CVSS: 9.8EPSS: 0%CPEs: -EXPL: 1CVE-2024-36539
https://notcve.org/view.php?id=CVE-2024-36539
Insecure permissions in contour v1.28.3 allows attackers to access sensitive data and escalate privileges by obtaining the service account's token. • https://github.com/Abdurahmon3236/CVE-2024-36539 https://gist.github.com/HouqiyuA/c92f9ec979653dceeea947afd0b47a80 • CWE-277: Insecure Inherited Permissions •
CVSS: 8.4EPSS: 0%CPEs: -EXPL: 0CVE-2024-36534
https://notcve.org/view.php?id=CVE-2024-36534
Insecure permissions in hwameistor v0.14.3 allows attackers to access sensitive data and escalate privileges by obtaining the service account's token. • https://gist.github.com/HouqiyuA/0de688e6b874e480ddc1154350368450 • CWE-266: Incorrect Privilege Assignment •