VDB
CVE-2024-56513
CVE-2024-56513
PUBLISHED
CVSS 8.699999809265137 HIGH
Karmada PULL Mode Cluster Privilege Escalation
EPSS 0.15% · 35.6th percentile
Risk Scores
CVSS v4.0
8.699999809265137
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
EPSS Score
0.15%
35.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| karmada-io | karmada | < 1.12.0, < 1.12.0 |
| github.com | karmada-io/karmada | 0, 0 |
Timeline
- Jan 21, 1970 Security Advisory
- Jan 3, 2025 CVE Published
- Jan 3, 2025 PoC Published
- Jan 3, 2025 PoC Published
- Jan 4, 2025 EPSS Score
- Jan 4, 2025 PoC Published
- Jan 5, 2025 PoC Published
- Jan 6, 2025 PoC Published
- Jan 6, 2025 PoC Published
- Jan 20, 2025 EPSS Score
- Jan 21, 2025 Coalition ESS Score
- Feb 5, 2025 EPSS Score
References
- https://github.com/karmada-io/karmada/security/advisories/GHSA-mg7w-c9x2-xh7r url
- https://github.com/karmada-io/karmada/pull/5793 url
- https://github.com/karmada-io/karmada/commit/2c82055c4c7f469411b1ba48c4dba4841df04831 url
- https://karmada.io/docs/administrator/security/component-permission url
- https://nvd.nist.gov/vuln/detail/CVE-2024-56513 advisory
- https://github.com/karmada-io/karmada package