{"vulnerability": "CVE-2024-56513", "sightings": [{"uuid": "0ef65a5b-81d5-46bd-b3a6-517c5a3ea506", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56513", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lf2dg3fjqc2i", "content": "", "creation_timestamp": "2025-01-06T04:48:53.302387Z"}, {"uuid": "3752e3ef-aa21-4b78-8467-f6f71dc496bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56513", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113765323783466999", "content": "", "creation_timestamp": "2025-01-03T16:17:58.775988Z"}, {"uuid": "9c4a6ca4-bce4-4634-8e2b-5fca7ebc2990", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56513", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/113770707250738515", "content": "", "creation_timestamp": "2025-01-04T15:08:40.134391Z"}, {"uuid": "218a823a-d377-4c11-b3bc-d192c3fae4da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56513", "type": "seen", "source": "https://t.me/CyberBulletin/1945", "content": "\u26a1\ufe0fCVE-2024-56513: Karmada Vulnerability Grants Attackers Control of Kubernetes Systems.\n\n#CyberBulletin", "creation_timestamp": "2025-01-05T11:52:46.000000Z"}, {"uuid": "4f1c570f-2d80-43c8-9b5b-8004f62f91c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56513", "type": "seen", "source": "https://t.me/cvedetector/14234", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-56513 - \"...Karmada Unrestricted Cluster Access\"\", \n  \"Content\": \"CVE ID : CVE-2024-56513 \nPublished : Jan. 3, 2025, 5:15 p.m. | 16\u00a0minutes ago \nDescription : Karmada is a Kubernetes management system that allows users to run cloud-native applications across multiple Kubernetes clusters and clouds. Prior to version 1.12.0, the PULL mode clusters registered with the `karmadactl register` command have excessive privileges to access control plane resources. By abusing these permissions, an attacker able to authenticate as the karmada-agent to a karmada cluster would be able to obtain administrative privileges over the entire federation system including all registered member clusters. Since Karmada v1.12.0, command `karmadactl register` restricts the access permissions of pull mode member clusters to control plane resources. This way, an attacker able to authenticate as the karmada-agent cannot control other member clusters in Karmada. As a workaround, one may restrict the access permissions of pull mode member clusters to control plane resources according to Karmada Component Permissions Docs. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"03 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-03T18:41:46.000000Z"}, {"uuid": "e2d08fb1-f82d-40fb-aeee-56da1b1e7a8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56513", "type": "seen", "source": "https://t.me/CyberBulletin/27050", "content": "\u26a1\ufe0fCVE-2024-56513: Karmada Vulnerability Grants Attackers Control of Kubernetes Systems.\n\n#CyberBulletin", "creation_timestamp": "2025-01-05T11:46:05.000000Z"}, {"uuid": "5a30111b-d28d-41e6-b8d2-24b148a36b13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56513", "type": "seen", "source": "MISP/dd71e3c5-20f7-409a-8bcc-8df3cd8022a7", "content": "", "creation_timestamp": "2025-09-03T13:30:06.000000Z"}, {"uuid": "e8f5eed9-f1be-4a31-b50d-e0d2e7b0a3fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56513", "type": "seen", "source": "https://t.me/CyberBulletin/9358", "content": "\u26a1\ufe0fCVE-2024-56513: Karmada Vulnerability Grants Attackers Control of Kubernetes Systems.\n\n#CyberBulletin", "creation_timestamp": "2025-01-06T06:36:06.000000Z"}]}