131 matches found
Moderate: Red Hat Security Advisory: RHACS 4.7 bug fix and security update
Updated images are now available for Red Hat Advanced Cluster Security RHACS, which typically include new features, bug fixes, and/or security patches. See the release notes link in the references section for a description of the fixes and enhancements in this particular release...
Moderate: Red Hat Security Advisory: RHACS 4.7 bug fix and security update
Updated images are now available for Red Hat Advanced Cluster Security RHACS, which typically include new features, bug fixes, and/or security patches. See the release notes link in the references section for a description of the fixes and enhancements in this particular release...
Moderate: Red Hat Security Advisory: RHACS 4.8.4 security and bug fix update
Updated images are now available for Red Hat Advanced Cluster Security RHACS, which typically include new features, bug fixes, and/or security patches. See the release notes link in the references section for a description of the fixes and enhancements in this particular release...
Linux Distros Unpatched Vulnerability : CVE-2016-2141
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - It was found that JGroups did not require necessary headers for encrypt and auth protocols from new nodes joining the cluster. An attacker could use this flaw t...
Linux Distros Unpatched Vulnerability : CVE-2024-23451
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incorrect Authorization issue exists in the API key based security model for Remote Cluster Security, which is currently in Beta, in Elasticsearch 8.10.0 and...
The vulnerability of the orf_token_endian_convert() function in the community-based communication system for Corosync-resistant clusters allows a perpetrator to execute arbitrary code or cause a service failure.
The vulnerability of the orftokenendianconvert function in the cluster-based communication system for Corosync-resistant clusters is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause a...
GHSA-HMP7-X699-CVHQ Argo Events users can gain privileged access to the host system and cluster with EventSource and Sensor CR
Summary: A user with permission to create/modify EventSource and Sensor custom resources can gain privileged access to the host system and cluster, even without having direct administrative privileges. Details: The EventSource and Sensor CRs allow the corresponding orchestrated pod to be customiz...
ingress-nginx controller - auth secret file path traversal vulnerability
A security issue was discovered in ingress-nginx where attacker-provided data are included in a filename by the ingress-nginx Admission Controller feature, resulting in directory traversal within the container. This could result in denial of service, or when combined with other vulnerabilities,...
CVE-2022-4975
A flaw was found in the Red Hat Advanced Cluster Security RHACS portal. When rendering a table view in the portal, for example, on any of the /main/configmanagement/ endpoints, the front-end generates a DOM table-element id="pdf-table". This information is then populated with unsanitized data usi...
CVE-2022-4975 Rhacs: cross-site scripting in portal
A flaw was found in the Red Hat Advanced Cluster Security RHACS portal. When rendering a table view in the portal, for example, on any of the /main/configmanagement/ endpoints, the front-end generates a DOM table-element id="pdf-table". This information is then populated with unsanitized data usi...
CVE-2022-4975 Rhacs: cross-site scripting in portal
A flaw was found in the Red Hat Advanced Cluster Security RHACS portal. When rendering a table view in the portal, for example, on any of the /main/configmanagement/ endpoints, the front-end generates a DOM table-element id="pdf-table". This information is then populated with unsanitized data usi...
CVE-2022-4975
The CVE-2022-4975 entry concerns Red Hat Advanced Cluster Security (RHACS) portal UI. Affected component: frontend rendering of table views (e.g., /main/configmanagement/*) where the portal creates a DOM table (id="pdf-table") and later populates it with data via innerHTML. Root cause: unsanitize...
PT-2025-1377 · Red Hat · Red Hat Advanced Cluster Security
Name of the Vulnerable Software and Affected Versions: Red Hat Advanced Cluster Security RHACS affected versions not specified Description: A flaw was found in the Red Hat Advanced Cluster Security RHACS portal. When rendering a table view in the portal, for example, on any of the...
GHSA-QJVC-P88J-J9RM Kyverno's PolicyException objects can be created in any namespace by default
Summary A kyverno ClusterPolicy, ie. "disallow-privileged-containers," can be overridden by the creation of a PolicyException in a random namespace. Details By design, PolicyExceptions are consumed from any namespace. Administrators may not recognize that this allows users with privileges to...
OESA-2024-2049 booth security update
Booth manages tickets which authorize cluster sites located in geographically dispersed locations to run resources. It facilitates support of geographically distributed clustering in Pacemaker. Security Fixes: A flaw was found in Booth, a cluster ticket manager. If a specially-crafted hash is...
Privilege Escalation
github.com/submariner-io/submariner-operator is vulnerable to Privilege Escalation. The vulnerability is due to unnecessary role-based access control permissions, which allows a privileged attacker to run a malicious container on a node, potentially stealing service account tokens and compromisin...
Important: Red Hat Security Advisory: RHACS 4.4 enhancement and security update
Updated images are now available for Red Hat Advanced Cluster Security. The updated image includes changes, bug fixes, and updates to patch vulnerabilities. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base...
GHSA-2RHX-QHXP-5JPW Submariner Operator sets unnecessary RBAC permissions
A flaw was found in the Submariner project. Due to unnecessary role-based access control permissions, a privileged attacker can run a malicious container on a node that may allow them to steal service account tokens and further compromise other nodes and potentially the entire cluster...
BIT-ELASTICSEARCH-2024-23451 Elasticsearch Incorrect Authorization in the Remote Cluster Security API key based security model
Incorrect Authorization issue exists in the API key based security model for Remote Cluster Security, which is currently in Beta, in Elasticsearch 8.10.0 and before 8.13.0. This allows a malicious user with a valid API key for a remote cluster configured to use the new Remote Cluster Security to...
The vulnerability of the Elasticsearch search system’s Remote Cluster Security component, related to incorrect authentication, allows a perpetrator to gain access to protected information.
The vulnerability of the Elasticsearch search system component related to Remote Cluster Security is linked to improper authentication. Exploiting this vulnerability can allow a malicious actor to gain access to protected information...