Insufficient Input Validation in Kyma Leads to Potential Privilege Escalation
CVE-2021-38182
8.8HIGH
What is CVE-2021-38182?
The Kyma platform is susceptible to a vulnerability stemming from insufficient input validation. Authenticated users can manipulate the request header, leading to privilege escalation and potentially compromising the entire cluster. This flaw could allow attackers to perform unauthorized actions within the environment, significantly increasing security risks.
Affected Version(s)
Kyma <1.24.7