Описание
An improper access control flaw was found in Candlepin. An attacker can create data scoped under another customer/tenant, which can result in loss of confidentiality and availability for the affected customer/tenant.
Ссылки
- Vendor Advisory
- Issue TrackingPatchVendor Advisory
- Vendor Advisory
- Issue TrackingPatchVendor Advisory
Уязвимые конфигурации
EPSS
6.8 Medium
CVSS3
8.1 High
CVSS3
Дефекты
Связанные уязвимости
An improper access control flaw was found in Candlepin. An attacker can create data scoped under another customer/tenant, which can result in loss of confidentiality and availability for the affected customer/tenant.
An improper access control flaw was found in Candlepin. An attacker can create data scoped under another customer/tenant, which can result in loss of confidentiality and availability for the affected customer/tenant.
Уязвимость набора инструментов для управления подписками на программное обеспечение Candlepin, связанная с неправильным контролем доступа, позволяющая нарушителю получить доступ к конфиденциальной информации
EPSS
6.8 Medium
CVSS3
8.1 High
CVSS3