exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 2

CVE-2023-51982

около 2 лет назад

CrateDB 5.5.1 is contains an authentication bypass vulnerability in the Admin UI component. After configuring password authentication and_ Local_ In the case of an address, identity authentication can be bypassed by setting the X-Real IP request header to a specific value and accessing the Admin UI directly using the default user identity.(https://github.com/crate/crate/issues/15231)

CVSS3: 9.8

EPSS: Низкий

GHSA-7mgx-gvjw-m3w3

около 2 лет назад

CrateDB authentication bypass vulnerability

CVSS3: 7.5

EPSS: Низкий

Уязвимостей на страницу

	Уязвимость	CVSS	EPSS	Опубликовано
	CVE-2023-51982 CrateDB 5.5.1 is contains an authentication bypass vulnerability in the Admin UI component. After configuring password authentication and_ Local_ In the case of an address, identity authentication can be bypassed by setting the X-Real IP request header to a specific value and accessing the Admin UI directly using the default user identity.(https://github.com/crate/crate/issues/15231)	CVSS3: 9.8	0% Низкий	около 2 лет назад
	GHSA-7mgx-gvjw-m3w3 CrateDB authentication bypass vulnerability	CVSS3: 7.5	0% Низкий	около 2 лет назад

Уязвимостей на страницу