CVSS: 10.0EPSS: 1%CPEs: 10EXPL: 1CVE-2020-27846 – crewjam/saml: authentication bypass in saml authentication
https://notcve.org/view.php?id=CVE-2020-27846
A signature verification vulnerability exists in crewjam/saml. This flaw allows an attacker to bypass SAML Authentication. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. Se presenta una vulnerabilidad de verificación de firmas en crewjam/saml. Este fallo permite a un atacante omitir la autenticación SAML. • https://bugzilla.redhat.com/show_bug.cgi?id=1907670 https://github.com/crewjam/saml/security/advisories/GHSA-4hq8-gmxx-h6w9 https://grafana.com/blog/2020/12/17/grafana-6.7.5-7.2.3-and-7.3.6-released-with-important-security-fix-for-grafana-enterprise https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YUTKIRWT6TWU7DS6GF3EOANVQBFQZYI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ICP3YRY2VUCNCF2VFUSK77ZMRIC77FEM https://mattermos • CWE-115: Misinterpretation of Input •
CVSS: 7.1EPSS: 0%CPEs: 9EXPL: 0CVE-2020-27781 – ceph: User credentials can be manipulated and stolen by Native CephFS consumers of OpenStack Manila
https://notcve.org/view.php?id=CVE-2020-27781
User credentials can be manipulated and stolen by Native CephFS consumers of OpenStack Manila, resulting in potential privilege escalation. An Open Stack Manila user can request access to a share to an arbitrary cephx user, including existing users. The access key is retrieved via the interface drivers. Then, all users of the requesting OpenStack project can view the access key. This enables the attacker to target any resource that the user has access to. • https://bugzilla.redhat.com/show_bug.cgi?id=1900109 https://lists.debian.org/debian-lts-announce/2023/10/msg00034.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZJ7FFROL25FYRL6FMI33VRKOD74LINRP https://security.gentoo.org/glsa/202105-39 https://access.redhat.com/security/cve/CVE-2020-27781 • CWE-522: Insufficiently Protected Credentials •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2020-27816 – openshift/elasticsearch-operator: arbitrary URL redirection of the cluster logging kibana console
https://notcve.org/view.php?id=CVE-2020-27816
The elasticsearch-operator does not validate the namespace where kibana logging resource is created and due to that it is possible to replace the original openshift-logging console link (kibana console) to different one, created based on the new CR for the new kibana resource. This could lead to an arbitrary URL redirection or the openshift-logging console link damage. This flaw affects elasticsearch-operator-container versions before 4.7. Elasticsearch-operator no comprueba el espacio de nombres donde el recurso de registro de kibana es creado y, debido a eso, es posible reemplazar el enlace de la consola de registro de openshift original (consola de kibana) por uno diferente, creado en base al nuevo CR para el nuevo recurso de kibana. Esto podría conllevar al redireccionamiento de una URL arbitraria o daños en el enlace de la consola de registro de openshift. • https://bugzilla.redhat.com/show_bug.cgi?id=1902698 https://access.redhat.com/security/cve/CVE-2020-27816 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2020-25660 – ceph: CEPHX_V2 replay attack protection lost
https://notcve.org/view.php?id=CVE-2020-25660
A flaw was found in the Cephx authentication protocol in versions before 15.2.6 and before 14.2.14, where it does not verify Ceph clients correctly and is then vulnerable to replay attacks in Nautilus. This flaw allows an attacker with access to the Ceph cluster network to authenticate with the Ceph service via a packet sniffer and perform actions allowed by the Ceph service. This issue is a reintroduction of CVE-2018-1128, affecting the msgr2 protocol. The msgr 2 protocol is used for all communication except older clients that do not support the msgr2 protocol. The msgr1 protocol is not affected. • https://bugzilla.redhat.com/show_bug.cgi?id=1890354 https://ceph.io/community/v15-2-6-octopus-released https://ceph.io/releases/v14-2-14-nautilus-released https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UBC4KZ44QUQENTYZPVHORGL4K2KV5V4F https://security.gentoo.org/glsa/202105-39 https://access.redhat.com/security/cve/CVE-2020-25660 • CWE-294: Authentication Bypass by Capture-replay •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2020-10763 – heketi: gluster-block volume password details available in logs
https://notcve.org/view.php?id=CVE-2020-10763
An information-disclosure flaw was found in the way Heketi before 10.1.0 logs sensitive information. This flaw allows an attacker with local access to the Heketi server to read potentially sensitive information such as gluster-block passwords. Se encontró un fallo en la divulgación de información en la forma en que Heketi versiones anteriores a 10.1.0 registra información confidencial. Este fallo permite a un atacante con acceso local al servidor de Heketi leer información potencialmente confidencial, tal y como contraseñas de gluster-block An information-disclosure flaw was found in the way Heketi logs sensitive information. This flaw allows an attacker with local access to the Heketi server, to read potentially sensitive information, such as gluster-block passwords. • https://bugzilla.redhat.com/show_bug.cgi?id=1845387 https://github.com/heketi/heketi/releases/tag/v10.1.0 https://access.redhat.com/security/cve/CVE-2020-10763 • CWE-532: Insertion of Sensitive Information into Log File •