CVE-2017-15138

Sažetak

The OpenShift Enterprise cluster-read can access webhook tokens which would allow an attacker with sufficient privileges to view confidential webhook tokens.

Reference

https://access.redhat.com/errata/RHBA-2018:0489
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-15138

CVSS

Base:	4.0
Impact:	2.9
Exploitability:	8.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:N/AC:L/Au:S/C:P/I:N/A:N

Zadnje važnije ažuriranje

09-10-2019 - 23:24

Objavljeno

13-08-2018 - 17:29