CVE-2021-36780 - CERT CVE
ID CVE-2021-36780
Sažetak A Missing Authentication for Critical Function vulnerability in longhorn of SUSE Longhorn allows attackers to connect to a longhorn-engine replica instance granting it the ability to read and write data to and from a replica that they should not have access to. This issue affects: SUSE Longhorn longhorn versions prior to 1.1.3; longhorn versions prior to 1.2.3v.
Reference
CVSS
Base: 4.8
Impact: 4.9
Exploitability:6.5
Pristup
VektorSloženostAutentikacija
ADJACENT_NETWORK LOW NONE
Impact
PovjerljivostCjelovitostDostupnost
PARTIAL PARTIAL NONE
CVSS vektor AV:A/AC:L/Au:N/C:P/I:P/A:N
Zadnje važnije ažuriranje 10-02-2023 - 02:30
Objavljeno 17-12-2021 - 09:15