Security Advisory

CVE-2023-32194

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-10-16 12:56:37
Last updated 2024-10-16 17:25:32
Assigner suse
State PUBLISHED

Description

A vulnerability has been identified when granting a create or * global role for a resource type of "namespaces"; no matter the API group, the subject will receive * permissions for core namespaces. This can lead to someone being capable of accessing, creating, updating, or deleting a namespace in the project.