Podatność CVE-2024-6535


Publikacja: 2024-07-17

Opis:
A flaw was found in Skupper. When Skupper is initialized with the console-enabled and with console-auth set to Openshift, it configures the openshift oauth-proxy with a static cookie-secret. In certain circumstances, this may allow an attacker to bypass authentication to the Skupper console via a specially-crafted cookie.

Typ:

CWE-1392

 Referencje:
https://access.redhat.com/security/cve/CVE-2024-6535
https://bugzilla.redhat.com/show_bug.cgi?id=2296024

Copyright 2024, cxsecurity.com

 

Back to Top