Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Replicated Classic 2.x versions have an improperly secured API that exposes sensitive data from the Replicated Admin Console configuration. An attacker with network access to the Admin Console port (8800) on the Replicated Classic server could retrieve the TLS Keypair (Cert and Key) used to configure the Admin Console.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Replicated 信息泄露漏洞
Vulnerability Description
Replicated是美国Replicated公司的一个管理软件。它为软件供应商提供了一个基于容器的平台,用于在客户环境中快速部署云原生应用程序,以提供更高的安全性和控制。 Replicated Classic 2.x 版本存在安全漏洞,该漏洞源于程序有一个不正确保护的API,它公开了来自Replicated Admin Console配置的敏感数据。攻击者可利用该漏洞检索用于配置管理控制台的TLS密钥对(证书和密钥)。
CVSS Information
N/A
Vulnerability Type
N/A