PT-2024-38095 · Red Hat · Openshift Console

Michal Findra +1 · Published 2024-07-26 · Updated 2025-08-13 · CVE-2024-7128

CVSS v3.1: 5.3 (Medium)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions

OpenShift console (affected versions not specified)

Description

A flaw was found in the OpenShift console, where several endpoints use the authHandler() and authHandlerWithUser() middleware functions. When the default authentication provider is set to "openShiftAuth", these functions do not perform authentication checks, relying on the targeted service for authentication and authorization. This leads to data exposure due to a lack of proper credential verification.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.
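
The pattern in the description, modelled as an added example (not the OpenShift console's code and not a published fix): an HTTP middleware that skips its check for the "openShiftAuth" provider, beside a variant that verifies credentials for every provider. The names `guard`, `isValid`, `endpoint`, `statusFor`, the path and the token value are assumptions made for illustration.

```go
package main

import (
	"fmt"
	"net/http"
	"net/http/httptest"
)

// isValid is a constructed stand-in for real bearer-token verification.
func isValid(r *http.Request) bool {
	return r.Header.Get("Authorization") == "Bearer constructed-valid-token"
}

// guard wraps next. With enforce=false it models the described flaw: under
// the "openShiftAuth" provider no check runs and the target is trusted to
// reject the caller. With enforce=true every provider needs a valid token.
func guard(provider string, enforce bool, next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		skip := !enforce && provider == "openShiftAuth"
		if !skip && !isValid(r) {
			http.Error(w, "unauthorized", http.StatusUnauthorized)
			return
		}
		next.ServeHTTP(w, r)
	})
}

// endpoint is a hypothetical handler whose target performs no check of its
// own, which is the case where skipping the middleware check exposes data.
var endpoint = http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
	fmt.Fprint(w, "constructed response body")
})

// statusFor sends one GET through h and returns the HTTP status code.
func statusFor(h http.Handler, token string) int {
	req := httptest.NewRequest(http.MethodGet, "/api/example", nil)
	if token != "" {
		req.Header.Set("Authorization", "Bearer "+token)
	}
	rec := httptest.NewRecorder()
	h.ServeHTTP(rec, req)
	return rec.Code
}

func main() {
	fmt.Println("pass-through, no token:", statusFor(guard("openShiftAuth", false, endpoint), ""))
	fmt.Println("enforcing, no token:  ", statusFor(guard("openShiftAuth", true, endpoint), ""))
}
```

A request-level test like `statusFor` against each route that sits behind such middleware is a quick way to confirm that unauthenticated calls are rejected before they reach a handler.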

Information Disclosure

Weakness Enumeration

Related Identifiers

CVE-2024-7128

Affected Products

Openshift Console