Описание
Redpanda before 23.1.21 and 23.2.x before 23.2.18 has missing authorization checks in the Transactions API.
Redpanda before 23.1.21 and 23.2.x before 23.2.18 has missing authorization checks in the Transactions API.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2023-50976
- https://github.com/redpanda-data/redpanda/issues/15048
- https://github.com/redpanda-data/redpanda/pull/14969
- https://github.com/redpanda-data/redpanda/pull/15060
- https://github.com/redpanda-data/redpanda/compare/v23.1.20...v23.1.21
- https://github.com/redpanda-data/redpanda/compare/v23.2.17...v23.2.18
Связанные уязвимости
CVSS3: 9.8
nvd
около 2 лет назад
Redpanda before 23.1.21 and 23.2.x before 23.2.18 has missing authorization checks in the Transactions API.