2 matches found
CVE-2021-36780
SUSE Longhorn CVE-2021-36780 is a Missing Authentication for Critical Function vulnerability due to improper access control in the longhorn-engine replica. Exploitation allows an attacker to connect to a replica instance and read/write data that should be protected. Affected versions are SUSE Lon...
CVE-2021-36780 Unauthorized data access from replicas through vulnerable instance manager pods
A Missing Authentication for Critical Function vulnerability in longhorn of SUSE Longhorn allows attackers to connect to a longhorn-engine replica instance granting it the ability to read and write data to and from a replica that they should not have access to. This issue affects: SUSE Longhorn...