CVE-2024-3154 – A flaw was found in cri-o, where an arbitrary systemd property can be injected via a Pod …

26 April 2024

Vuln ID: CVE-2024-3154

Published: 2024-04-26 04:15:09.217

Description: A flaw was found in cri-o, where an arbitrary systemd property can be injected via a Pod annotation. Any user who can create a pod with an arbitrary annotation may perform an arbitrary action on the host system.

Base Score: 7.2 – HIGH

Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Source: NVD.NIST.GOV

Date:

26 April 2024

Categorie(s):

NVD

Tag(s):

NVD

With its new iPad, Apple’s Empire strikes back6 May 2024
Malware campaign attempts abuse of defender binaries6 May 2024
Microsoft unveils new security features for SOC teams to combat insider threats6 May 2024
BigID launches new hybrid scanning technology for enhance cloud data management6 May 2024
At RSA, Cisco launches bolsters in Security Cloud, built on Hypershield and Splunk6 May 2024