RSS   Vulnerabilities for 'Bored-agent'   RSS

2022-01-25
 
CVE-2022-0270

CWE-732
 

 
Prior to v0.6.1, bored-agent failed to sanitize incoming kubernetes impersonation headers allowing a user to override assigned user name and groups.

 

 >>> Vendor: Mirantis 4 Products
Mirantis container runtime
LENS
Bored-agent
Container cloud lens extension


Copyright 2024, cxsecurity.com

 

Back to Top