Описание
An issue in Atomix v3.1.5 allows unauthorized Atomix nodes to become the lead node in a target cluster via manipulation of the variable terms in RaftContext.
Ссылки
- https://docs.google.com/presentation/d/1C_IpRfSU-9FMezcHCFZ-qg-15JO-W36yvqcnzI8sQs8/edit?usp=sharingExploitThird Party Advisory
- https://docs.google.com/presentation/d/1C_IpRfSU-9FMezcHCFZ-qg-15JO-W36yvqcnzI8sQs8/edit?usp=sharingExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:atomix:atomix:3.1.5:*:*:*:*:*:*:*
EPSS
Процентиль: 46%
0.00237
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 7.5
redhat
около 4 лет назад
An issue in Atomix v3.1.5 allows unauthorized Atomix nodes to become the lead node in a target cluster via manipulation of the variable terms in RaftContext.
CVSS3: 7.5
github
около 4 лет назад
An issue in Atomix v3.1.5 allows unauthorized Atomix nodes to become the lead node.
EPSS
Процентиль: 46%
0.00237
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
NVD-CWE-noinfo