CVSS3
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: CHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
AI Score
Confidence: High
EPSS
Percentile: 25.5%
github.com/clastix/kamaji is vulnerable to Improper Access Control. The vulnerability is due to the use of an “open at the top” range definition in RBAC for etcd roles, which allows some Tenant Control Plane (TCP) API servers to read, write, and delete the data of other control planes.
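
The following added example (not Kamaji's or etcd's own code) models how an etcd role permission matches keys, comparing an open-ended range with a prefix-bounded one. The `/tenant-x/` prefixes and key paths are constructed for illustration and are not Kamaji's actual key layout; the `Perm` type and helper names are hypothetical.

```go
package main

import (
	"bytes"
	"fmt"
)

// Perm models an etcd role permission over the half-open key range [Key, RangeEnd).
type Perm struct{ Key, RangeEnd []byte }

// PrefixEnd bounds a range to keys starting with prefix: the prefix with its
// last non-0xff byte incremented (the range end etcdctl --prefix computes).
func PrefixEnd(prefix []byte) []byte {
	end := append([]byte(nil), prefix...)
	for i := len(end) - 1; i >= 0; i-- {
		if end[i] < 0xff {
			end[i]++
			return end[:i+1]
		}
	}
	return []byte{0} // all-0xff prefix: no finite upper bound
}

// Allows reports whether key falls inside the permission's range.
func (p Perm) Allows(key []byte) bool {
	if len(p.RangeEnd) == 0 {
		return bytes.Equal(key, p.Key) // single-key permission
	}
	if bytes.Compare(key, p.Key) < 0 {
		return false
	}
	if len(p.RangeEnd) == 1 && p.RangeEnd[0] == 0 {
		return true // "\x00" range end: open at the top, every key >= Key
	}
	return bytes.Compare(key, p.RangeEnd) < 0
}

// OpenTop and Prefixed build the weak and the bounded grant for one tenant prefix.
func OpenTop(prefix string) Perm  { return Perm{[]byte(prefix), []byte{0}} }
func Prefixed(prefix string) Perm { return Perm{[]byte(prefix), PrefixEnd([]byte(prefix))} }

func main() {
	// Constructed keys; the tenant prefixes are hypothetical, not Kamaji's key layout.
	weak, fixed := OpenTop("/tenant-b/"), Prefixed("/tenant-b/")
	for _, t := range []string{"a", "b", "c"} {
		k := []byte("/tenant-" + t + "/registry/secrets/x")
		fmt.Printf("%s open-top=%v prefix=%v\n", k, weak.Allows(k), fixed.Allows(k))
	}
}
```

With the open-ended grant, a role reaches every key that sorts after its own prefix, which is why only some control planes can touch the data of others; the prefix-bounded grant stops at the tenant's own keys.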