CVE-2020-1701
N/A
N/A
Summary
A flaw was found in the KubeVirt main virt-handler versions before 0.26.0 regarding the access permissions of virt-handler. An attacker with access to create VMs could attach any secret within their namespace, allowing them to read the contents of that secret.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | virt-handler | kubevirt 0.26.0 | affected |
Weaknesses
- CWE-732: CWE-732
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.