admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2024-07-28 15:01:15 +00:00
parent 06df6b6c0c
commit 1c4c110c78
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
2 changed files with 4 additions and 99 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2024/40xxx/CVE-2024-40897.json
View File

@ -67,11 +67,6 @@
"url": "https://jvn.jp/en/jp/JVN02030803/",
"refsource": "MISC",
"name": "https://jvn.jp/en/jp/JVN02030803/"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/07/26/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2024/07/26/1"
}
]
}

98
2024/7xxx/CVE-2024-7128.json
View File

@ -1,107 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-7128",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A flaw was found in the Openshift console. Several endpoints in the application use the authHandler() and authHandlerWithUser() middleware functions. When the default authentication provider (\"openShiftAuth\") is set, these functions do not perform any authentication checks, relying instead on the targeted service to handle authentication and authorization. This issue leads to various degrees of data exposure due to a lack of proper credential verification."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Exposure of Sensitive Information to an Unauthorized Actor",
"cweId": "CWE-200"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat OpenShift Container Platform 3.11",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unknown"
}
}
]
}
},
{
"product_name": "Red Hat OpenShift Container Platform 4",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://access.redhat.com/security/cve/CVE-2024-7128",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2024-7128"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2300037",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2300037"
}
]
},
"credits": [
{
"lang": "en",
"value": "This issue was discovered by Thibault Guittet (Red Hat)."
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}