Description
A flaw was found in Red Hat Single Sign-On for OpenShift container images, which are configured with an unsecured management interface enabled. This flaw allows an attacker to use this interface to deploy malicious code and access and modify potentially sensitive information in the app server configuration.
Affected packages
| Platform | Package | State | Recommendation | Release |
|---|---|---|---|---|
| Red Hat Single Sign-On 7 | rhsso-container-image | Affected | | |
| RHEL-8 based Middleware Containers | rh-sso-7/sso76-openshift-rhel8 | Fixed | RHSA-2023:1047 | 01.03.2023 |
Additional information
Status:
EPSS
8 High
CVSS3
Related vulnerabilities
A flaw was found in Red Hat Single Sign-On for OpenShift container images, which are configured with an unsecured management interface enabled. This flaw allows an attacker to use this interface to deploy malicious code and access and modify potentially sensitive information in the app server configuration.
A flaw was found in Red Hat Single Sign-On for OpenShift container ima ...
A vulnerability in the Keycloak identity and access management software, related to default access-permission settings, that allows a remote attacker to execute arbitrary code