admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2019/12xxx/CVE-2019-12494.json
CVE Team 425d56dd79
"-Synchronized-Data."
2019-06-05 19:00:48 +00:00

86 lines
2.8 KiB
JSON
Raw Blame History

{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-12494",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Gardener before 0.20.0, incorrect access control in seed clusters allows information disclosure by sending HTTP GET requests from one's own shoot clusters to foreign shoot clusters. This occurs because traffic from shoot to seed via the VPN endpoint is not blocked."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/gardener/vpn/issues/40",
"refsource": "MISC",
"name": "https://github.com/gardener/vpn/issues/40"
},
{
"url": "https://github.com/gardener/gardener/pull/874",
"refsource": "MISC",
"name": "https://github.com/gardener/gardener/pull/874"
},
{
"refsource": "CONFIRM",
"name": "https://groups.google.com/forum/#!topic/gardener/pH6dNIEhv-A",
"url": "https://groups.google.com/forum/#!topic/gardener/pH6dNIEhv-A"
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:H/AV:N/A:H/C:H/I:H/PR:L/S:C/UI:N",
"version": "3.0"
}
}
}
Reference in New Issue View Git Blame Copy Permalink