CVE-2024-7128

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Jul 26, 2024
Updated: Jul 29, 2024
CWE ID 200

Summary

CVE-2024-7128: A vulnerability was discovered in the Openshift console, affecting several endpoints that utilize the authHandler() and authHandlerWithUser() middleware functions. Despite relying on the targeted service for authentication and authorization when using the default authentication provider ("openShiftAuth"), these functions neglect to perform necessary checks, potentially exposing data due to insufficient credential verification.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Red Hat Openshift Container Platform

Affected Vendors

  • Red Hat