CVE-2024-7128

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Jul 26, 2024

Updated: Jul 29, 2024

CWE ID 200

Summary

CVE-2024-7128: A vulnerability was discovered in the Openshift console, affecting several endpoints that utilize the authHandler() and authHandlerWithUser() middleware functions. Despite relying on the targeted service for authentication and authorization when using the default authentication provider ("openShiftAuth"), these functions neglect to perform necessary checks, potentially exposing data due to insufficient credential verification.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Red Hat Openshift Container Platform

Affected Vendors

Red Hat

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/xQHWts
https://www.cve.org/CVERecord?id=CVE-2024-7128
https://nvd.nist.gov/vuln/detail/CVE-2024-7128

Back to Vulnerability Database