{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-56513", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2024-12-26T20:37:22.384Z", "datePublished": "2025-01-03T16:11:51.629Z", "dateUpdated": "2025-01-03T17:22:04.247Z"}, "containers": {"cna": {"title": "Karmada PULL Mode Cluster Privilege Escalation", "problemTypes": [{"descriptions": [{"cweId": "CWE-266", "lang": "en", "description": "CWE-266: Incorrect Privilege Assignment", "type": "CWE"}]}], "metrics": [{"cvssV4_0": {"attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "userInteraction": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "baseScore": 8.7, "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "version": "4.0"}}], "references": [{"name": "https://github.com/karmada-io/karmada/security/advisories/GHSA-mg7w-c9x2-xh7r", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/karmada-io/karmada/security/advisories/GHSA-mg7w-c9x2-xh7r"}, {"name": "https://github.com/karmada-io/karmada/pull/5793", "tags": ["x_refsource_MISC"], "url": "https://github.com/karmada-io/karmada/pull/5793"}, {"name": "https://github.com/karmada-io/karmada/commit/2c82055c4c7f469411b1ba48c4dba4841df04831", "tags": ["x_refsource_MISC"], "url": "https://github.com/karmada-io/karmada/commit/2c82055c4c7f469411b1ba48c4dba4841df04831"}, {"name": "https://karmada.io/docs/administrator/security/component-permission", "tags": ["x_refsource_MISC"], "url": "https://karmada.io/docs/administrator/security/component-permission"}], "affected": [{"vendor": "karmada-io", "product": "karmada", "versions": [{"version": "< 1.12.0", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2025-01-03T16:11:51.629Z"}, "descriptions": [{"lang": "en", "value": "Karmada is a Kubernetes management system that allows users to run cloud-native applications across multiple Kubernetes clusters and clouds. Prior to version 1.12.0, the PULL mode clusters registered with the `karmadactl register` command have excessive privileges to access control plane resources. By abusing these permissions, an attacker able to authenticate as the karmada-agent to a karmada cluster would be able to obtain administrative privileges over the entire federation system including all registered member clusters. Since Karmada v1.12.0, command `karmadactl register` restricts the access permissions of pull mode member clusters to control plane resources. This way, an attacker able to authenticate as the karmada-agent cannot control other member clusters in Karmada. As a workaround, one may restrict the access permissions of pull mode member clusters to control plane resources according to Karmada Component Permissions Docs."}], "source": {"advisory": "GHSA-mg7w-c9x2-xh7r", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-01-03T17:21:50.913626Z", "id": "CVE-2024-56513", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-01-03T17:22:04.247Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-56513", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-01-03T17:21:50.913626Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-01-03T17:21:58.185Z"}}], "cna": {"title": "Karmada PULL Mode Cluster Privilege Escalation", "source": {"advisory": "GHSA-mg7w-c9x2-xh7r", "discovery": "UNKNOWN"}, "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 8.7, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH"}}], "affected": [{"vendor": "karmada-io", "product": "karmada", "versions": [{"status": "affected", "version": "< 1.12.0"}]}], "references": [{"url": "https://github.com/karmada-io/karmada/security/advisories/GHSA-mg7w-c9x2-xh7r", "name": "https://github.com/karmada-io/karmada/security/advisories/GHSA-mg7w-c9x2-xh7r", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/karmada-io/karmada/pull/5793", "name": "https://github.com/karmada-io/karmada/pull/5793", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/karmada-io/karmada/commit/2c82055c4c7f469411b1ba48c4dba4841df04831", "name": "https://github.com/karmada-io/karmada/commit/2c82055c4c7f469411b1ba48c4dba4841df04831", "tags": ["x_refsource_MISC"]}, {"url": "https://karmada.io/docs/administrator/security/component-permission", "name": "https://karmada.io/docs/administrator/security/component-permission", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "Karmada is a Kubernetes management system that allows users to run cloud-native applications across multiple Kubernetes clusters and clouds. Prior to version 1.12.0, the PULL mode clusters registered with the `karmadactl register` command have excessive privileges to access control plane resources. By abusing these permissions, an attacker able to authenticate as the karmada-agent to a karmada cluster would be able to obtain administrative privileges over the entire federation system including all registered member clusters. Since Karmada v1.12.0, command `karmadactl register` restricts the access permissions of pull mode member clusters to control plane resources. This way, an attacker able to authenticate as the karmada-agent cannot control other member clusters in Karmada. As a workaround, one may restrict the access permissions of pull mode member clusters to control plane resources according to Karmada Component Permissions Docs."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-266", "description": "CWE-266: Incorrect Privilege Assignment"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2025-01-03T16:11:51.629Z"}}}, "cveMetadata": {"cveId": "CVE-2024-56513", "state": "PUBLISHED", "dateUpdated": "2025-01-03T17:22:04.247Z", "dateReserved": "2024-12-26T20:37:22.384Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2025-01-03T16:11:51.629Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Karmada is a Kubernetes management system that allows users to run cloud-native applications across multiple Kubernetes clusters and clouds. Prior to version 1.12.0, the PULL mode clusters registered with the `karmadactl register` command have excessive privileges to access control plane resources. By abusing these permissions, an attacker able to authenticate as the karmada-agent to a karmada cluster would be able to obtain administrative privileges over the entire federation system including all registered member clusters. Since Karmada v1.12.0, command `karmadactl register` restricts the access permissions of pull mode member clusters to control plane resources. This way, an attacker able to authenticate as the karmada-agent cannot control other member clusters in Karmada. As a workaround, one may restrict the access permissions of pull mode member clusters to control plane resources according to Karmada Component Permissions Docs."}, {"lang": "es", "value": "Karmada es un sistema de administraci\u00f3n de Kubernetes que permite a los usuarios ejecutar aplicaciones nativas de la nube en varios cl\u00fasteres y nubes de Kubernetes. Antes de la versi\u00f3n 1.12.0, los cl\u00fasteres en modo PULL registrados con el comando `karmadactl register` tienen privilegios excesivos para acceder a los recursos del plano de control. Al abusar de estos permisos, un atacante capaz de autenticarse como agente de karmada en un cl\u00faster de karmada podr\u00eda obtener privilegios administrativos sobre todo el sistema de federaci\u00f3n, incluidos todos los cl\u00fasteres miembros registrados. Desde Karmada v1.12.0, el comando `karmadactl register` restringe los permisos de acceso de los cl\u00fasteres miembros del modo pull a los recursos del plano de control. De esta manera, un atacante capaz de autenticarse como agente de karmada no puede controlar otros cl\u00fasteres miembros en Karmada. Como workaround, se pueden restringir los permisos de acceso de los cl\u00fasteres miembros del modo pull a los recursos del plano de control de acuerdo con los documentos de permisos de componentes de Karmada."}], "id": "CVE-2024-56513", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 8.7, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2025-01-03T17:15:08.840", "references": [{"source": "security-advisories@github.com", "url": "https://github.com/karmada-io/karmada/commit/2c82055c4c7f469411b1ba48c4dba4841df04831"}, {"source": "security-advisories@github.com", "url": "https://github.com/karmada-io/karmada/pull/5793"}, {"source": "security-advisories@github.com", "url": "https://github.com/karmada-io/karmada/security/advisories/GHSA-mg7w-c9x2-xh7r"}, {"source": "security-advisories@github.com", "url": "https://karmada.io/docs/administrator/security/component-permission"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-266"}], "source": "security-advisories@github.com", "type": "Secondary"}]}

{}

{"created": "2025-07-13T11:14:40.247916+00:00", "updated": "2025-07-13T11:14:40.247978+00:00", "vendors": ["karmada-io", "karmada-io$PRODUCT$karmada"]}