Lucene search
RedHatRHSA-2023:1452HistoryMar 23, 2023 - 6:38 p.m.
(RHSA-2023:1452) Moderate: Red Hat OpenShift GitOps security update
2023-03-2318:38:57
access.redhat.com
21
red hat
openshift
gitops
security update
argocd
unauthorized user
enumeration
cve-2022-41354
cvss score
CVSS3
4.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
EPSS
0.001
Percentile
30.9%
Security Fix(es):
- ArgoCD: Authenticated but unauthorized users may enumerate Application names via the API (CVE-2022-41354)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Related
github
github
redhatcve
redhatcve
CVE-2022-41354
2023-03-23 16:43:04
prion
prion
Design/Logic Flaw
2023-03-27 14:15:00
cvelist
cvelist
CVE-2022-41354
2023-03-27 00:00:00
hackerone
hackerone
osv
osv
CVE-2022-41354
2023-03-27 14:15:07
nvd
nvd
CVE-2022-41354
2023-03-27 14:15:07
veracode
veracode
Information Disclosure
2023-03-24 04:26:50
cve
cve
CVE-2022-41354
2023-03-27 14:15:07
redhat
redhat
(RHSA-2023:1454) Moderate: Red Hat OpenShift GitOps security update
2023-03-23 19:09:39
(RHSA-2023:1453) Moderate: Red Hat OpenShift GitOps security update
2023-03-23 18:44:48
CVSS3
4.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
EPSS
0.001
Percentile
30.9%
Related for RHSA-2023:1452