Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Rhacm: users with clusterreader role can see credentials from managed-clusters
Vulnerability Description
A flaw was found in Red Hat Advanced Cluster Management through versions 2.10, before 2.10.7, 2.11, before 2.11.4, and 2.12, before 2.12.4. This vulnerability allows an unprivileged user to view confidential managed cluster credentials through the UI. This information should only be accessible to authorized users and may result in the loss of confidentiality of administrative information, which could be leaked to unauthorized actors.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Vulnerability Type
侵犯隐私
Vulnerability Title
Red Hat Advanced Cluster Management 安全漏洞
Vulnerability Description
Red Hat Advanced Cluster Management是美国红帽(Red Hat)公司的一个控制台集群控制软件。 Red Hat Advanced Cluster Management 2.10.7之前版本、2.11.4之前版本和2.12.4之前版本存在安全漏洞,该漏洞源于未授权用户可查看集群凭据,可能导致信息泄露。
CVSS Information
N/A
Vulnerability Type
N/A