Lucene search
Https://gitlab.com/gitlab-org/security-products/gemnasium-dbGITLAB-96A73AA0C908A56EA4150839FE066622HistoryJul 21, 2023 - 12:00 a.m.
Improper Access Control
2023-07-2100:00:00
https://gitlab.com/gitlab-org/security-products/gemnasium-db
gitlab.com
7
kubepi
access control
vulnerability
version 1.6.5
upgrade
0.001 Low
EPSS
Percentile
23.5%
KubePi is an opensource kubernetes management panel. A normal user has permission to create/update users, they can become admin by editing the isadmin value in the request. As a result any user may take administrative control of KubePi. This issue has been addressed in version 1.6.5. Users are advised to upgrade. There are no known workarounds for this vulnerability.
| CPE | Name | Operator | Version |
|---|---|---|---|
| go/github.com/kubeoperator/kubepi | lt | v1.6.5 |
Related
osv
osv
KubePi Privilege Escalation vulnerability
2023-07-21 20:18:00
CVE-2023-37917
2023-07-21 21:15:11
gitlab
gitlab
Improper Access Control
2023-07-21 00:00:00
cve
cve
CVE-2023-37917
2023-07-21 21:15:11
cvelist
cvelist
CVE-2023-37917 Privilege Escalation in kubepi
2023-07-21 20:13:22
nvd
nvd
CVE-2023-37917
2023-07-21 21:15:11
github
github
KubePi Privilege Escalation vulnerability
2023-07-21 20:18:00
veracode
veracode
Privilege Escalation
2023-07-25 06:07:11
prion
prion
Server side request forgery (ssrf)
2023-07-21 21:15:00