6 matches found
GHSA-VW7G-3CC7-7RMH cortex establishes TLS connections with `InsecureSkipVerify` set to `true`
A TLS certificate verification issue discovered in cortex v0.42.1 allows attackers to obtain sensitive information via the makeOperatorRequest function...
CVE-2024-41265
A TLS certificate verification issue discovered in cortex v0.42.1 allows attackers to obtain sensitive information via the makeOperatorRequest function...
CVE-2024-41265
A TLS certificate verification issue discovered in cortex v0.42.1 allows attackers to obtain sensitive information via the makeOperatorRequest function...
CVE-2024-41265
CVE-2024-41265 describes a TLS certificate verification issue in the Cortex project (v0.42.1) that allows an attacker to obtain sensitive information via the makeOperatorRequest function. The vulnerability arises from improper TLS certificate verification during network communications, enabling p...
CVE-2024-41265
A TLS certificate verification issue discovered in cortex v0.42.1 allows attackers to obtain sensitive information via the makeOperatorRequest function...
Design/Logic Flaw
MotionEye v0.42.1 and below allows attackers to access sensitive information via a GET request to /config/list. To exploit this vulnerability, a regular user password must be unconfigured...