An improper access control flaw was found in Candlepin. An attacker can create data scoped under another customer/tenant, which can result in loss of confidentiality and availability for the affected customer/tenant.
Metrics
Affected Vendors & Products
References
History
Thu, 19 Sep 2024 15:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2023-10-04T13:05:37.522Z
Updated: 2024-09-19T14:42:30.285Z
Reserved: 2023-04-04T12:32:42.126Z
Link: CVE-2023-1832
Vulnrichment
Updated: 2024-08-02T06:05:26.066Z
NVD
Status : Modified
Published: 2023-10-04T14:15:10.370
Modified: 2024-11-21T07:39:59.147
Link: CVE-2023-1832
Redhat