{"uuid": "463937da-594a-480d-99c5-191f58156ea1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4456", "type": "seen", "source": "https://t.me/cibsecurity/68901", "content": "\u203c CVE-2023-4456 \u203c\n\nA flaw was found in openshift-logging LokiStack. The key used for caching is just the token, which is too broad. This issue allows a user with a token valid for one action to execute other actions as long as the authorization allowing the original action is still cached.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-21T20:41:17.000000Z"}