Lucene search
+L

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 6:47 a.m.22 views

CVE-2024-45106

Improper authentication of an HTTP endpoint in the S3 Gateway of Apache Ozone 1.4.0 allows any authenticated Kerberos user to revoke and regenerate the S3 secrets of any other user. This is only possible if: ozone.s3g.secret.http.enabled is set to true. The default value of this configuration is...

8.1CVSS6.9AI score0.00557EPSS
Exploits0References1
NVD
NVD
added 2024/12/03 10:15 a.m.58 views

CVE-2024-45106

Improper authentication of an HTTP endpoint in the S3 Gateway of Apache Ozone 1.4.0 allows any authenticated Kerberos user to revoke and regenerate the S3 secrets of any other user. This is only possible if: ozone.s3g.secret.http.enabled is set to true. The default value of this configuration is...

8.1CVSS0.00557EPSS
Exploits0References2
Circl
Circl
added 2024/12/03 9:17 a.m.39 views

CVE-2024-45106

creationtimestamp| type| source ---|---|--- 2024-12-03 09:17:35+00:00| seen| https://infosec.exchange/users/cve/statuses/113588139136376999 2024-12-03 12:19:20+00:00| seen| https://t.me/cvedetector/11878...

8.1CVSS4.8AI score0.00557EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/12/03 9:6 a.m.22 views

CVE-2024-45106 Apache Ozone: Improper authentication when generating S3 secrets

Improper authentication of an HTTP endpoint in the S3 Gateway of Apache Ozone 1.4.0 allows any authenticated Kerberos user to revoke and regenerate the S3 secrets of any other user. This is only possible if: ozone.s3g.secret.http.enabled is set to true. The default value of this configuration is...

7AI score0.00557EPSS
Exploits0References1
Rows per page
Query Builder