Lucene search
K

5 matches found

Wolfi
Wolfi
added 2024/03/04 8:15 p.m.29 views

CVE-2024-2048 vulnerabilities

Vulnerabilities for packages: k3d...

9.8CVSS7.5AI score0.00447EPSS
Exploits0
Chainguard
Chainguard
added 2024/03/04 8:15 p.m.60 views

CVE-2024-2048 vulnerabilities

Vulnerabilities for packages: k3d...

9.8CVSS8.2AI score0.00447EPSS
Exploits0
OSV
OSV
added 2024/03/04 7:56 p.m.2 views

CVE-2024-2048 Vault Cert Auth Method Did Not Correctly Validate Non-CA Certificates

Vault and Vault Enterprise “Vault” TLS certificate auth method did not correctly validate client certificates when configured with a non-CA certificate as trusted certificate. In this configuration, an attacker may be able to craft a malicious certificate that could be used to bypass...

8.1CVSS7.1AI score0.00447EPSS
Exploits0References5
CVE
CVE
added 2024/03/04 7:56 p.m.400 views

CVE-2024-2048

CVE-2024-2048 affects Vault and Vault Enterprise where TLS certificate auth did not properly validate client certificates when configured with a non-CA trusted certificate, potentially allowing certificate-based authentication bypass. The issue is fixed in Vault 1.15.5 and 1.14.10.

9.8CVSS7.8AI score0.00447EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/03/04 7:56 p.m.33 views

CVE-2024-2048 Vault Cert Auth Method Did Not Correctly Validate Non-CA Certificates

Vault and Vault Enterprise “Vault” TLS certificate auth method did not correctly validate client certificates when configured with a non-CA certificate as trusted certificate. In this configuration, an attacker may be able to craft a malicious certificate that could be used to bypass...

8.1CVSS8.1AI score0.00447EPSS
Exploits0References2
Rows per page
Query Builder