cve/CVE-2024-36538.md at main - cve - 临风笛

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-05 18:27:17 +00:00

0xMarcio d6bcaa53f2 Update CVE sources 2024-07-25 21:25

2024-07-25 21:25:12 +00:00

637 B

Raw Permalink Blame History

CVE-2024-36538

Description

Insecure permissions in chaos-mesh v2.6.3 allows attackers to access sensitive data and escalate privileges by obtaining the service account's token.

POC

Reference

https://gist.github.com/HouqiyuA/f06d1fa07b5287b862c1e0b288f301e5

Github

No PoCs found on GitHub currently.