CVE-2023-3027
CVSS Score
7.8
EPSS Score
0.0%
EPSS Percentile
0th
The grc-policy-propagator allows security escalation within the cluster. The propagator allows policies which contain some dynamically obtained values (instead of the policy apply a static manifest on a managed cluster) of taking advantage of cluster scoped access in a created policy. This feature does not restrict properly to lookup content from the namespace where the policy was created.
| CWE | CWE-269 |
| Vendor | n/a |
| Product | rhacm |
| Published | Jun 5, 2023 |
| Last Updated | Jan 8, 2025 |
Stay Ahead of the Next One
Get instant alerts for n/a rhacm
Be the first to know when new high vulnerabilities affecting n/a rhacm are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
n/a / RHACM
2.5, 2.6, 2.7