CVE-2019-3899

Sažetak

It was found that default configuration of Heketi does not require any authentication potentially exposing the management interface to misuse. This isue only affects heketi as shipped with Openshift Container Platform 3.11.

Reference

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3899
https://access.redhat.com/errata/RHSA-2019:3255

CVSS

Base:	7.5
Impact:	6.4
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

12-02-2023 - 23:38

Objavljeno

22-04-2019 - 16:29