Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
CoreOS Tectonic 1.7.x and 1.8.x before 1.8.7-tectonic.2 deploys the Grafana web application using default credentials (admin/admin) for the administrator account located at grafana-credentials secret. This occurs because CoreOS does not randomize the administrative password to later be configured by Tectonic administrators. An attacker can insert an XSS payload into the dashboards.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Red Hat CoreOS Tectonic 跨站脚本漏洞
Vulnerability Description
Red Hat CoreOS Tectonic是美国红帽(Red Hat)公司的一套开源的自动化企业Kubernetes平台。该平台主要用于自动执行操作任务,实现平台可移植性和多集群管理。 Red Hat CoreOS Tectonic 1.7.x版本和1.8.7-tectonic.2之前的1.8.x版本中存在跨站脚本漏洞。该漏洞源于WEB应用缺少对客户端数据的正确验证。攻击者可利用该漏洞执行客户端代码。
CVSS Information
N/A
Vulnerability Type
N/A