Описание
Search Guard versions before 21.0 had an timing side channel issue when using the internal user database.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat OpenShift Container Platform 3.10 | openshift-elasticsearch-plugin | Fix deferred | ||
| Red Hat OpenShift Container Platform 3.11 | openshift3/ose-logging-elasticsearch5 | Fix deferred | ||
| Red Hat OpenShift Container Platform 3.9 | openshift-elasticsearch-plugin | Fix deferred | ||
| Red Hat OpenShift Container Platform 3.9 | search-guard-2 | Fix deferred | ||
| Red Hat OpenShift Container Platform 4 | openshift4/ose-logging-elasticsearch5 | Fix deferred |
Показывать по
10
Дополнительная информация
Статус:
Low
Дефект:
CWE-200
https://bugzilla.redhat.com/show_bug.cgi?id=1757956search-guard: timing side channel issue when using the internal user database
EPSS
Процентиль: 51%
0.00281
Низкий
5.9 Medium
CVSS3
Связанные уязвимости
CVSS3: 5.9
nvd
больше 6 лет назад
Search Guard versions before 21.0 had an timing side channel issue when using the internal user database.
github
больше 3 лет назад
Search Guard versions before 21.0 had an timing side channel issue when using the internal user database.
EPSS
Процентиль: 51%
0.00281
Низкий
5.9 Medium
CVSS3