CVE-2020-10712

Опубликовано: 22 апр. 2020

Источник: nvd

CVSS3: 7

CVSS3: 8.2

CVSS2: 6.4

EPSS Низкий

Описание

A flaw was found in OpenShift Container Platform version 4.1 and later. Sensitive information was found to be logged by the image registry operator allowing an attacker able to gain access to those logs, to read and write to the storage backing the internal image registry. The highest threat from this vulnerability is to data integrity.

Ссылки

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10712
Issue Tracking
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10712
Issue Tracking
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:redhat:openshift_container_platform:*:*:*:*:*:*:*:*

Версия до 4.1 (включая)

EPSS

Процентиль: 41%

0.00189

Низкий

7 High

CVSS3

8.2 High

CVSS3

6.4 Medium

CVSS2

Дефекты

CWE-532

Связанные уязвимости

CVE-2020-10712

CVSS3: 7

redhat

почти 6 лет назад

GHSA-2r5r-x58v-cx3w

CVSS3: 7

github

больше 4 лет назад

Information Disclosure in OpenShift Container Platform

EPSS

Процентиль: 41%

0.00189

Низкий

7 High

CVSS3

8.2 High

CVSS3

6.4 Medium

CVSS2

Дефекты

CWE-532