CNNVD-202506-1630 Information

CNNVD ID

CNNVD-202506-1630

Related CVE

CVE-2025-2843

• CNNVD Published: 2025-06-12

Description (Chinese)

observability Operator是Red Hat Observability开源的一个在Kubernetes集群上创建所需的监控堆栈软件。 observability Operator存在安全漏洞，该漏洞源于创建具有ClusterRole的ServiceAccount，可能导致权限提升。

Description (English)

Operator is an open source of Red Hat Observability to create the required monitoring stack software on the Kubernetes cluster. There is a security loophole in Operator, which stems from the creation of the ServiceAccount with ClusterRole, which could lead to increased access.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Red Hat Observability

Published

2025-06-12

Last Modified

2026-02-24

References

https://access.redhat.com/security/cve/cve-2025-2843