CVE-2024-47827 - CERT CVE
ID CVE-2024-47827
Sažetak Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Due to a race condition in a global variable in 3.6.0-rc1, the argo workflows controller can be made to crash on-command by any user with access to execute a workflow. This vulnerability is fixed in 3.6.0-rc2.
Reference
CVSS
Base: 5.7
Impact: 3.6
Exploitability:2.1
Pristup
VektorSloženostAutentikacija
ADJACENT_NETWORK LOW LOW
Impact
PovjerljivostCjelovitostDostupnost
NONE NONE HIGH
CVSS vektor CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Zadnje važnije ažuriranje 29-10-2024 - 14:34
Objavljeno 28-10-2024 - 16:15