Lucene search
+L

9 matches found

redhat
redhat
added 2022/06/27 7:32 p.m.65 views

Moderate: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.4.5 security updates and bug fixes

Red Hat Advanced Cluster Management for Kubernetes 2.4.5 General Availability release images, which fix bugs and update container images. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a...

9.1CVSS6.8AI score0.05664EPSS
Exploits3References26
openvas
openvas
added 2022/06/14 12:0 a.m.17 views

Mageia: Security Advisory (MGASA-2022-0225)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9CVSS8.7AI score0.01305EPSS
Exploits0References4
osv
osv
added 2022/06/13 8:44 p.m.4 views

MGASA-2022-0225 Updated nats-server packages fix security vulnerability

NATS nats-server before 2.7.2 has Incorrect Access Control. Any authenticated user can obtain the privileges of the System account by misusing the "dynamically provisioned sandbox accounts" feature. CVE-2022-24450...

9CVSS8.8AI score0.01305EPSS
Exploits0References3
mageia
mageia
added 2022/06/13 8:44 p.m.97 views

Updated nats-server packages fix security vulnerability

NATS nats-server before 2.7.2 has Incorrect Access Control. Any authenticated user can obtain the privileges of the System account by misusing the "dynamically provisioned sandbox accounts" feature. CVE-2022-24450...

9CVSS4AI score0.01305EPSS
Exploits0References2
osv
osv
added 2022/02/08 5:23 p.m.239 views

GHSA-G6W6-R76C-28J7 Incorrect Authorization in NATS nats-server

This advisory is canonically Problem Description NATS nats-server through 2022-02-04 has Incorrect Access Control, with unchecked ability for clients to authorize into any account, because of a coding error in a long-extant experimental feature. A client crafting the initial protocol-level...

8.8CVSS8.7AI score0.01305EPSS
Exploits0References5
github
github
added 2022/02/08 5:23 p.m.27 views

Incorrect Authorization in NATS nats-server

This advisory is canonically Problem Description NATS nats-server through 2022-02-04 has Incorrect Access Control, with unchecked ability for clients to authorize into any account, because of a coding error in a long-extant experimental feature. A client crafting the initial protocol-level...

9CVSS1.1AI score0.01305EPSS
Exploits0References5Affected Software2
cve
cve
added 2022/02/08 1:14 a.m.198 views

CVE-2022-24450

CVE-2022-24450 affects NATS nats-server up to and including 2.7.1, with a root cause in an experimental feature for dynamically provisioned sandbox accounts that allowed any authenticated user to switch into any account, including the System account. The impact is high (privilege escalation and f...

9CVSS8.5AI score0.01305EPSS
Exploits0References2Affected Software2
cvelist
cvelist
added 2022/02/08 1:14 a.m.51 views

CVE-2022-24450

NATS nats-server before 2.7.2 has Incorrect Access Control. Any authenticated user can obtain the privileges of the System account by misusing the "dynamically provisioned sandbox accounts" feature...

8.9AI score0.01305EPSS
Exploits0References2
debiancve
debiancve
added 2022/02/08 1:14 a.m.50 views

CVE-2022-24450

NATS nats-server before 2.7.2 has Incorrect Access Control. Any authenticated user can obtain the privileges of the System account by misusing the "dynamically provisioned sandbox accounts" feature...

9CVSS8.8AI score0.01305EPSS
Exploits0
Rows per page
Query Builder