Описание
Azure Local Cluster Information Disclosure Vulnerability
Insertion of sensitive information into log file in Azure Local Cluster allows an authorized attacker to disclose information over an adjacent network.
FAQ
What type of information could be disclosed by this vulnerability?
The type of information that could be disclosed if an attacker successfully exploited this vulnerability is user tokens and other potentially sensitive information.
According to the CVSS score, the attack vector is adjacent (AV:A). What does this mean for this vulnerability?
This attack is limited to systems connected to the same network segment as the attacker. The attack cannot be performed across multiple networks (for example, a WAN) and would be limited to systems on the same network switch or virtual network.
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
DOS
EPSS
6.8 Medium
CVSS3
Связанные уязвимости
Insertion of sensitive information into log file in Azure Local Cluster allows an authorized attacker to disclose information over an adjacent network.
Insertion of sensitive information into log file in Azure Local Cluster allows an authorized attacker to disclose information over an adjacent network.
Уязвимость программного средства для развертывания и управления кластерами Kubernetes на локальной инфраструктуре Azure Local Cluster, связанная с раскрытием значения пароля в файле журнала, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
EPSS
6.8 Medium
CVSS3