Lucene search
+L

4 matches found

Tenable Nessus
Tenable Nessus
added 2023/01/23 12:0 a.m.45 views

RHEL 7 : Red Hat OpenShift Service Mesh 1.0.10 Jaeger and Kiali (RHSA-2020:0972)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:0972 advisory. Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise...

8.6CVSS7.4AI score0.01652EPSS
Exploits1References6
OSV
OSV
added 2020/04/27 9:15 p.m.32 views

CVE-2020-1762

An insufficient JWT validation vulnerability was found in Kiali versions 0.4.0 to 1.15.0 and was fixed in Kiali version 1.15.1, wherein a remote attacker could abuse this flaw by stealing a valid JWT cookie and using that to spoof a user session, possibly gaining privileges to view and alter the...

8.6CVSS6.7AI score0.01125EPSS
Exploits0References2
Cvelist
Cvelist
added 2020/04/27 8:41 p.m.44 views

CVE-2020-1762

An insufficient JWT validation vulnerability was found in Kiali versions 0.4.0 to 1.15.0 and was fixed in Kiali version 1.15.1, wherein a remote attacker could abuse this flaw by stealing a valid JWT cookie and using that to spoof a user session, possibly gaining privileges to view and alter the...

7CVSS8.4AI score0.01125EPSS
Exploits0References2
CVE
CVE
added 2020/04/27 8:41 p.m.118 views

CVE-2020-1762

CVE-2020-1762 affects Kiali versions 0.4.0 to 1.15.0; root cause is insufficient JWT validation. An attacker could steal a valid JWT cookie and use it to spoof a user session, potentially gaining privileges to view and alter Istio configuration. The issue was fixed in Kiali 1.15.1. Remediation is...

8.6CVSS8.3AI score0.01125EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder