VDB
GCVE-110-CLOUD-2024-0053
GCVE-110-CLOUD-2024-0053
Advisory Published
The system:authenticated group in Kubernetes is a special group that includes all authenticated entities,
including human users and service accounts. Anyone who successfully authenticates to the Kubernetes API server,
regardless of the authentication method used, will be automatically included in this unique group. Thus, it will
share the same roles and permissions of the group. This misunderstanding then creates a significant security
loophole when administrators unknowingly bind this group with overly permissive roles.
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| GCP | GKE | — | — |
| GCP | Cloud Services | — | — |
Browse GCVE Records
73,443 records in the GCVE database · Updated July 18, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.