The health endpoint is public so everybody can see a list of all services. It is potentially valuable information for attackers.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://github.com/zowe/api-layer |
History
Thu, 19 Dec 2024 17:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | ||
Vendors & Products |
Linuxfoundation api Mediation Layer
|
Mon, 25 Nov 2024 18:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Linuxfoundation api Mediation Layer
|
|
CPEs | cpe:2.3:a:linuxfoundation:api_mediation_layer:*:*:*:*:*:*:*:* | |
Vendors & Products |
Linuxfoundation api Mediation Layer
|
Thu, 10 Oct 2024 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Linuxfoundation
Linuxfoundation zowe Api Mediation Layer |
|
Weaknesses | CWE-312 | |
CPEs | cpe:2.3:a:linuxfoundation:zowe_api_mediation_layer:*:*:*:*:*:*:*:* | |
Vendors & Products |
Linuxfoundation
Linuxfoundation zowe Api Mediation Layer |
|
Metrics |
ssvc
|
Thu, 10 Oct 2024 07:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | The health endpoint is public so everybody can see a list of all services. It is potentially valuable information for attackers. | |
Title | Health endpoint offers list of onboarded services to unauthenticated users | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: Zowe
Published: 2024-10-10T07:29:10.066Z
Updated: 2024-10-10T14:21:58.664Z
Reserved: 2024-10-10T07:29:09.962Z
Link: CVE-2024-9798
Vulnrichment
Updated: 2024-10-10T14:21:51.411Z
NVD
Status : Analyzed
Published: 2024-10-10T08:15:04.207
Modified: 2024-12-19T17:00:16.440
Link: CVE-2024-9798
Redhat
No data.