Insecure Inherited Permissions
CVE-2024-36542
Summary
Insecure permissions in kuma v2.7.0 allows attackers to access sensitive data and escalate privileges by obtaining the service account's token.
- LOW
- NETWORK
- HIGH
- UNCHANGED
- NONE
- LOW
- HIGH
- HIGH
CWE-277 - Insecure Inherited Permissions
A product defines a set of insecure permissions that are inherited by objects that are created by the program.
References
Advisory Timeline
- Published
