Incorrect Default Permissions
An incorrect default permissions vulnerability was found in mig-controller versions prior to 1.5.2 and 1.6.x prior to 1.6.3. Due to an incorrect cluster namespace handling an attacker may be able to migrate a malicious workload to the target cluster, impacting confidentiality, integrity, and availability of the services located on that cluster.
CWE-276 - Incorrect Default Permissions
During installation, installed file permissions are set to allow anyone to modify those files.