exploitDog

GHSA-qx4q-jhfj-788f

Опубликовано: 06 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 6.5

Описание

On all versions 1.3.x (fixed in 1.4.0) NGINX Service Mesh control plane endpoints are exposed to the cluster overlay network. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

On all versions 1.3.x (fixed in 1.4.0) NGINX Service Mesh control plane endpoints are exposed to the cluster overlay network. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

Ссылки

EPSS

Процентиль: 30%

0.00114

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-306

Связанные уязвимости

CVE-2022-27495

CVSS3: 6.5

nvd

почти 4 года назад

On all versions 1.3.x (fixed in 1.4.0) NGINX Service Mesh control plane endpoints are exposed to the cluster overlay network. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

BDU:2022-02978

CVSS3: 6.5

fstec

почти 4 года назад

Уязвимость программного средства для обеспечения сетевых подключений NGINX Service Mesh, позволяющая нарушителю обойти процесс аутентификации

EPSS

Процентиль: 30%

0.00114

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-306