CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6535 – Skupper: potential authentication bypass to skupper console via forged cookies
https://notcve.org/view.php?id=CVE-2024-6535
A flaw was found in Skupper. When Skupper is initialized with the console-enabled and with console-auth set to Openshift, it configures the openshift oauth-proxy with a static cookie-secret. In certain circumstances, this may allow an attacker to bypass authentication to the Skupper console via a specially-crafted cookie. Se encontró un defecto en Skupper. Cuando Skupper se inicializa con la consola habilitada y con la autenticación de la consola configurada en Openshift, configura el proxy oauth de openshift con un secreto de cookie estático. • https://access.redhat.com/security/cve/CVE-2024-6535 https://bugzilla.redhat.com/show_bug.cgi?id=2296024 https://access.redhat.com/errata/RHSA-2024:4865 https://access.redhat.com/errata/RHSA-2024:4871 • CWE-287: Improper Authentication CWE-1392: Use of Default Credentials •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-5056 – Skupper-operator: privelege escalation via config map
https://notcve.org/view.php?id=CVE-2023-5056
A flaw was found in the Skupper operator, which may permit a certain configuration to create a service account that would allow an authenticated attacker in the adjacent cluster to view deployments in all namespaces in the cluster. This issue permits unauthorized viewing of information outside of the user's purview. Se encontró una falla en el operador Skupper, que puede permitir que una determinada configuración cree una cuenta de servicio que permitiría a un atacante autenticado en el clúster adyacente ver las implementaciones en todos los espacios de nombres del clúster. Este problema permite la visualización no autorizada de información fuera del ámbito del usuario. • https://access.redhat.com/errata/RHSA-2023:6219 https://access.redhat.com/security/cve/CVE-2023-5056 https://bugzilla.redhat.com/show_bug.cgi?id=2239517 • CWE-862: Missing Authorization •
CVSS: 7.5EPSS: 81%CPEs: 444EXPL: 7CVE-2023-44487 – HTTP/2 Rapid Reset Attack Vulnerability
https://notcve.org/view.php?id=CVE-2023-44487
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. El protocolo HTTP/2 permite una denegación de servicio (consumo de recursos del servidor) porque la cancelación de solicitudes puede restablecer muchas transmisiones rápidamente, como se explotó en la naturaleza entre agosto y octubre de 2023. A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. • https://github.com/imabee101/CVE-2023-44487 https://github.com/studiogangster/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/sigridou/CVE-2023-44487- https://github.com/ByteHackr/CVE-2023-44487 https://github.com/ReToCode/golang-CVE-2023-44487 http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www. • CWE-400: Uncontrolled Resource Consumption •