Unauthorized API Access and Sensitive Information Leakage in KubePi

Unauthorized API Access and Sensitive Information Leakage in KubePi

CVE-2023-22478 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

KubePi is a modern Kubernetes panel. The API interfaces with unauthorized entities and may leak sensitive information. This issue has been patched in version 1.6.4. There are currently no known workarounds.

Learn more about our Cis Benchmark Audit For Kubernetes.