Описание
The F5 BIG-IP Controller for Kubernetes 1.0.0-1.5.0 (k8s-bigip-crtl) passes BIG-IP username and password as command line parameters, which may lead to disclosure of the credentials used by the container.
Ссылки
- Third Party AdvisoryVDB Entry
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 1.0.0 (включая) до 1.5.0 (включая)
cpe:2.3:a:f5:big-ip_controller:*:*:*:*:*:kubernetes:*:*
EPSS
Процентиль: 41%
0.00195
Низкий
8.8 High
CVSS3
4 Medium
CVSS2
Дефекты
CWE-522
Связанные уязвимости
CVSS3: 8.8
github
больше 3 лет назад
The F5 BIG-IP Controller for Kubernetes 1.0.0-1.5.0 (k8s-bigip-crtl) passes BIG-IP username and password as command line parameters, which may lead to disclosure of the credentials used by the container.
EPSS
Процентиль: 41%
0.00195
Низкий
8.8 High
CVSS3
4 Medium
CVSS2
Дефекты
CWE-522