CVE-2024-41820P4MEDIUMCVSS 6.0fixed in 0.18.02024-08-05
CVE-2024-41820 [MEDIUM] CWE-732 CVE-2024-41820: Kubean is a cluster lifecycle management toolchain based on kubespray and other cluster LCM engine.
Kubean is a cluster lifecycle management toolchain based on kubespray and other cluster LCM engine. The ClusterRole has `*` verbs of `*` resources. If a malicious user can access the worker node which has kubean's deployment, he/she can abuse these excessive permissions to do whatever he/she likes to the whole cluster, resulting in a cluster-level pr
nvd