Flaw in OpenShift Telemeter: the "iss" check can be bypassed during JWT authentication
Reporter | Title | Published | Views | Family All 11 |
---|---|---|---|---|
![]() | CVE-2024-5037 | 5 Jun 2024 18:01 | – | redhatcve |
![]() | CVE-2024-5037 | 5 Jun 2024 18:15 | – | nvd |
![]() | CVE-2024-5037 Openshift/telemeter: iss check during jwt authentication can be bypassed | 5 Jun 2024 18:03 | – | vulnrichment |
![]() | CVE-2024-5037 | 5 Jun 2024 18:15 | – | cve |
![]() | GO-2024-2905 Openshift/telemeter: iss check during jwt authentication can be bypassed in github.com/openshift/telemeter | 28 Jun 2024 15:28 | – | osv |
![]() | Authentication Bypass By Spoofing | 10 Jun 2024 13:40 | – | veracode |
![]() | (RHSA-2024:5200) Important: OpenShift Container Platform 4.12.63 bug fix and security update | 19 Aug 2024 03:01 | – | redhat |
![]() | (RHSA-2024:4156) Important: OpenShift Container Platform 4.16.1 bug fix and security update | 3 Jul 2024 09:38 | – | redhat |
![]() | (RHSA-2024:4151) Important: OpenShift Container Platform 4.15.20 security update | 2 Jul 2024 18:15 | – | redhat |
![]() | (RHSA-2024:4329) Important: OpenShift Container Platform 4.14.32 bug fix and security update | 11 Jul 2024 11:48 | – | redhat |
[
{
"versions": [
{
"status": "affected",
"version": "4.16",
"lessThan": "4.17",
"versionType": "semver"
}
],
"packageName": "telemeter",
"collectionURL": "https://github.com/openshift/telemeter",
"defaultStatus": "unaffected"
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Container Platform 4.12",
"collectionURL": "https://catalog.redhat.com/software/containers/",
"packageName": "openshift4/ose-telemeter",
"defaultStatus": "affected",
"versions": [
{
"version": "v4.12.0-202408071159.p0.gc9592de.assembly.stream.el8",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:openshift:4.12::el8",
"cpe:/a:redhat:openshift:4.12::el9"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Container Platform 4.13",
"collectionURL": "https://catalog.redhat.com/software/containers/",
"packageName": "openshift4/ose-telemeter",
"defaultStatus": "affected",
"versions": [
{
"version": "v4.13.0-202407081338.p0.g0634a6d.assembly.stream.el8",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:openshift:4.13::el8",
"cpe:/a:redhat:openshift:4.13::el9"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Container Platform 4.14",
"collectionURL": "https://catalog.redhat.com/software/containers/",
"packageName": "openshift4/ose-telemeter",
"defaultStatus": "affected",
"versions": [
{
"version": "v4.14.0-202407021509.p0.g1f72681.assembly.stream.el8",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:openshift:4.14::el9",
"cpe:/a:redhat:openshift:4.14::el8"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Container Platform 4.15",
"collectionURL": "https://catalog.redhat.com/software/containers/",
"packageName": "openshift4/ose-telemeter-rhel9",
"defaultStatus": "affected",
"versions": [
{
"version": "v4.15.0-202406200537.p0.g14489f7.assembly.stream.el9",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:openshift:4.15::el9",
"cpe:/a:redhat:openshift:4.15::el8"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Container Platform 4.16",
"collectionURL": "https://catalog.redhat.com/software/containers/",
"packageName": "openshift4/ose-telemeter-rhel9",
"defaultStatus": "affected",
"versions": [
{
"version": "v4.16.0-202406200537.p0.gc1ecd10.assembly.stream.el9",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:openshift:4.16::el9"
]
},
{
"vendor": "Red Hat",
"product": "Logging Subsystem for Red Hat OpenShift",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "openshift-logging/opa-openshift-rhel8",
"defaultStatus": "unaffected",
"cpes": [
"cpe:/a:redhat:logging:5"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift distributed tracing 2",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "rhosdt/tempo-gateway-opa-rhel8",
"defaultStatus": "affected",
"cpes": [
"cpe:/a:redhat:openshift_distributed_tracing:2"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift distributed tracing 3",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "rhosdt/tempo-gateway-opa-rhel8",
"defaultStatus": "affected",
"cpes": [
"cpe:/a:redhat:openshift_distributed_tracing:3"
]
}
]