PT-2020-10907 · Suse · Suse Caas Platform
Published
2020-01-17
·
Updated
2020-02-06
·
CVE-2019-3682
CVSS v3.1
8.4
High
| Vector | AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
SUSE CaaS Platform version 3.0 before 17.09.1 ce-7.6.1
Description
The issue allows access to an insecure API locally on the Kubernetes master node.
Recommendations
For SUSE CaaS Platform version 3.0 before 17.09.1 ce-7.6.1, update to version 17.09.1 ce-7.6.1 or later to resolve the issue.
Fix
Exposure of Resource to Wrong Sphere
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Suse Caas Platform