Exposure of Resource to Wrong Sphere
A flaw was found in Red Hat Advanced Cluster Security for Kubernetes. In StackRox versions prior to 3.68.2-rc.8, 3.69.x prior to 3.69.2-rc.6, and 3.70.x prior to 3.70.1-rc.1, notifier secrets were not properly sanitized in the GraphQL API. This flaw allows authenticated ACS users to retrieve Notifiers from the GraphQL API, revealing secrets that can escalate their privileges.
CWE-668 - Exposure of Resource to Wrong Sphere
The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.
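
The missing sanitization described above, as an added Go example that is not StackRox code: the `Notifier` type, its field names, the `scrub` tag and both resolver functions are hypothetical. The unsafe resolver serializes stored objects as they are; the corrected one masks tagged secret fields on a copy before anything reaches the API response.

```go
package main

import (
	"encoding/json"
	"fmt"
	"reflect"
)

// Notifier is a hypothetical stand-in for a stored notifier configuration;
// the field names and the `scrub` tag are assumptions, not StackRox's schema.
type Notifier struct {
	ID       string `json:"id"`
	Name     string `json:"name"`
	APIToken string `json:"apiToken" scrub:"always"`
	Password string `json:"password" scrub:"always"`
}

const masked = "******"

// Scrub returns a copy of n with every non-empty string field tagged scrub:"always" masked.
func Scrub(n Notifier) Notifier {
	v := reflect.ValueOf(&n).Elem() // n is already a copy, so the caller's value is untouched
	for i := 0; i < v.NumField(); i++ {
		f := v.Field(i)
		if v.Type().Field(i).Tag.Get("scrub") == "always" && f.Kind() == reflect.String && f.Len() > 0 {
			f.SetString(masked)
		}
	}
	return n
}

// ResolveNotifiersUnsafe models the flawed path: stored objects go straight to the client.
func ResolveNotifiersUnsafe(store []Notifier) ([]byte, error) {
	return json.Marshal(store)
}

// ResolveNotifiers models the corrected path: each object is scrubbed before serialization.
func ResolveNotifiers(store []Notifier) ([]byte, error) {
	out := make([]Notifier, 0, len(store))
	for _, n := range store {
		out = append(out, Scrub(n))
	}
	return json.Marshal(out)
}

func main() {
	store := []Notifier{{ID: "1", Name: "pager", APIToken: "constructed-token"}} // constructed sample
	b, _ := ResolveNotifiers(store)
	fmt.Println(string(b))
}
```

Tagging secret fields on the type and scrubbing at the serialization boundary means every API surface that returns the object gets the same treatment, rather than relying on each endpoint to remember it.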