CVE-2023-30512

Publication date

2023-04-12 00:00:00

Family

mitre

State

PUBLISHED

Description

CubeFS through 3.2.1 allows Kubernetes cluster-level privilege escalation. This occurs because DaemonSet has cfs-csi-cluster-role and can thus list all secrets, including the admin secret.