Lucene search
K

4 matches found

OSV
OSV
added 2024/04/25 6:30 p.m.30 views

GHSA-X5M7-63C6-FX79 Withdrawn Advisory: Cluster Monitoring Operator contains a credentials leak

Withdrawn Advisory This advisory has been withdrawn because the vulnerability does not affect a package in the Go registry. For more information, see the discussion here. This link is maintained to preserve external references. Original Description A credentials leak vulnerability was found in th...

7.7CVSS7.5AI score0.00892EPSS
Exploits0References11
CVE
CVE
added 2024/04/25 4:25 p.m.214 views

CVE-2024-1139

CVE-2024-1139 affects OpenShift Container Platform’s cluster-monitoring-operator. The root cause is a credentials leak where a repository pull secret can be accessed via pod manifest annotations (notably within the telemeter-client pod in openshift-monitoring). This could allow a user with basic ...

7.7CVSS6.4AI score0.00892EPSS
Exploits0References6
Cvelist
Cvelist
added 2024/04/25 4:25 p.m.37 views

CVE-2024-1139 Cluster-monitoring-operator: credentials leak

A credentials leak vulnerability was found in the cluster monitoring operator in OCP. This issue may allow a remote attacker who has basic login credentials to check the pod manifest to discover a repository pull secret...

7.7CVSS7.5AI score0.00892EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2024/04/03 12:5 p.m.31 views

CVE-2024-1139

A credentials leak vulnerability was found in the cluster monitoring operator in OCP. This issue may allow a remote attacker who has basic login credentials to check the pod manifest to discover a repository pull secret...

7.7CVSS7.3AI score0.00892EPSS
Exploits0References3
Rows per page
Query Builder