7 matches found
SUSE CVE-2024-41265
A TLS certificate verification issue discovered in cortex v0.42.1 allows attackers to obtain sensitive information via the makeOperatorRequest function...
cortex establishes TLS connections with `InsecureSkipVerify` set to `true`
A TLS certificate verification issue discovered in cortex v0.42.1 allows attackers to obtain sensitive information via the makeOperatorRequest function...
CVE-2024-41265
A TLS certificate verification issue discovered in cortex v0.42.1 allows attackers to obtain sensitive information via the makeOperatorRequest function...
PT-2024-29341 · Cortex · Cortex
Name of the Vulnerable Software and Affected Versions: cortex version 0.42.1 Description: A TLS certificate verification issue allows attackers to obtain sensitive information via the makeOperatorRequest function. This is due to cortex establishing TLS connections with the InsecureSkipVerify...
CVE-2024-41265
A TLS certificate verification issue discovered in cortex v0.42.1 allows attackers to obtain sensitive information via the makeOperatorRequest function...
CVE-2024-41265
CVE-2024-41265 describes a TLS certificate verification issue in the Cortex project (v0.42.1) that allows an attacker to obtain sensitive information via the makeOperatorRequest function. The vulnerability arises from improper TLS certificate verification during network communications, enabling p...
CVE-2024-41265
A TLS certificate verification issue discovered in cortex v0.42.1 allows attackers to obtain sensitive information via the makeOperatorRequest function...