Metrics
Affected Vendors & Products
Thu, 31 Oct 2024 17:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
Thu, 31 Oct 2024 17:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | An Insecure Direct Object Reference (IDOR) vulnerability in KubeSphere v3.4.1 and v4.1.1 allows low-privileged authenticated attackers to access sensitive resources without proper authorization checks. | An Insecure Direct Object Reference (IDOR) vulnerability in KubeSphere 4.x before 4.1.3 and 3.x through 3.4.1 and KubeSphere Enterprise 4.x before 4.1.3 and 3.x through 3.5.0 allows low-privileged authenticated attackers to access sensitive resources without proper authorization checks. |
Tue, 22 Oct 2024 19:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
| |
Metrics |
cvssV3_1
|
cvssV3_1
|
Tue, 22 Oct 2024 13:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Kubesphere kubesphere
|
|
Weaknesses | CWE-639 | |
CPEs | cpe:2.3:a:kubesphere:kubesphere:*:*:*:*:*:*:*:* cpe:2.3:a:kubesphere:kubesphere:*:*:*:*:enterprise:*:*:* |
|
Vendors & Products |
Kubesphere kubeshpere
|
Kubesphere kubesphere
|
Tue, 15 Oct 2024 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Kubesphere
Kubesphere kubeshpere |
|
CPEs | cpe:2.3:a:kubesphere:kubeshpere:*:*:*:*:*:*:*:* | |
Vendors & Products |
Kubesphere
Kubesphere kubeshpere |
|
Metrics |
cvssV3_1
|
Mon, 14 Oct 2024 18:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | An Insecure Direct Object Reference (IDOR) vulnerability in KubeSphere v3.4.1 and v4.1.1 allows low-privileged authenticated attackers to access sensitive resources without proper authorization checks. | |
References |
|
Status: PUBLISHED
Assigner: mitre
Published: 2024-10-14T00:00:00
Updated: 2024-10-31T16:57:29.495715
Reserved: 2024-09-11T00:00:00
Link: CVE-2024-46528
Updated: 2024-10-15T14:48:48.867Z
Status : Awaiting Analysis
Published: 2024-10-14T18:15:03.847
Modified: 2024-11-21T09:38:41.650
Link: CVE-2024-46528
No data.