Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatcveRedhat.comRH:CVE-2018-11787
HistorySep 20, 2018 - 9:20 a.m.

CVE-2018-11787

2018-09-2009:20:19
redhat.com
access.redhat.com
12

EPSS

0.001

Percentile

48.4%

JSON

Prior to Karaf 3.0.9, Karaf 4.0.9, and Karaf 4.1.1, HTTP endpoints published by Karaf features may also be published under the HTTP web root, in addition to the paths specifically configured by the installed feature. Authentication and access control rules may not cover this additional path, potentially leading to authentication bypass on published features. The Gogo shell provided by the webconsole feature is potentially accessible without authentication as a result.

Related

osv 2
veracode 1
cve 1
prion 1
cvelist 1
nvd 1
github 1
osv
osv
CVE-2018-11787
2018-09-18 14:29:00
Improper Authentication in Apache Karaf
2019-01-07 19:14:51
veracode
veracode
Unauthorized Access
2017-03-17 01:15:40
cve
cve
CVE-2018-11787
2018-09-18 14:29:00
prion
prion
Authentication flaw
2018-09-18 14:29:00
cvelist
cvelist
CVE-2018-11787
2018-09-18 14:00:00
nvd
nvd
CVE-2018-11787
2018-09-18 14:29:00
github
github
Improper Authentication in Apache Karaf
2019-01-07 19:14:51

EPSS

0.001

Percentile

48.4%

JSON
Related for RH:CVE-2018-11787
osv2veracode1cve1prion1cvelist1nvd1github1