rhsa-2023_4720
Vulnerability from csaf_redhat
Published
2023-08-23 15:08
Modified
2024-11-06 03:34
Summary
Red Hat Security Advisory: AMQ Broker 7.11.1.OPR.2.GA Container Images Release
Notes
Topic
This is the multiarch release of the AMQ Broker 7.11.1 aligned Operator and associated container images on Red Hat Enterprise Linux 8 for the OpenShift Container Platform.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Middleware for OpenShift provides images for many of the Red Hat Middleware products for use within the OpenShift Container Platform cloud computing Platform-as-a-Service (PaaS) for on-premise or private cloud deployments.
This release of the AMQ Broker 7.11.1 aligned Operator includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.
Security Fix(es):
* amq-broker-operator-container: Red Hat AMQ Broker Operator: plaintext password in operator log (CVE-2023-4065)
* activemq-broker-operator: Red Hat AMQ Broker Operator: Passwords defined in secrets shown in StatefulSet yaml (CVE-2023-4066)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
For information on supported configurations, see Red Hat AMQ Broker 7 Supported Configurations at https://access.redhat.com/articles/2791941
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Publisher
Red Hat Product Security (https://www.redhat.com); contact: https://access.redhat.com/security/team/contact/. Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.
Distribution: TLP:WHITE (https://www.first.org/tlp/). Copyright © Red Hat, Inc. All rights reserved. Aggregate severity: Moderate (https://access.redhat.com/security/updates/classification/).
Tracking
ID: RHSA-2023:4720
Status: final, version 3
Initial release date: 2023-08-23T15:08:15+00:00
Current release date: 2024-11-06T03:34:01+00:00
Generator: Red Hat SDEngine 4.1.1
Revision history:
* 2023-08-23T15:08:15+00:00, revision 1: Initial version
* 2023-08-23T15:08:15+00:00, revision 2: Last updated version
* 2024-11-06T03:34:01+00:00, revision 3: Last generated version
References
* Advisory (self): https://access.redhat.com/errata/RHSA-2023:4720
* Severity classification: https://access.redhat.com/security/updates/classification/#moderate
* Product documentation: https://access.redhat.com/documentation/en-us/red_hat_amq_broker/
* Bugzilla 2224630: https://bugzilla.redhat.com/show_bug.cgi?id=2224630
* Bugzilla 2224677: https://bugzilla.redhat.com/show_bug.cgi?id=2224677
* ENTMQBR-7804: https://issues.redhat.com/browse/ENTMQBR-7804
* Canonical URL: https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_4720.json
Product Tree
Vendor: Red Hat. Product family: Red Hat OpenShift Enterprise. Product: Middleware Containers for OpenShift (product_id 8Base-RHOSE-Middleware, CPE cpe:/a:redhat:rhosemc:1.0::el8).
Container images released with this advisory (each is a default component of Middleware Containers for OpenShift; the corresponding product IDs are prefixed 8Base-RHOSE-Middleware:):
* amd64: amq7/amq-broker-rhel8-operator-bundle@sha256:2da4c3e7edd27833b01c2c89e815694fc5521b1fba56a56fab4c6421d550c091 (registry.redhat.io/amq7/amq-broker-rhel8-operator-bundle, tag 7.11.1-12)
* amd64: amq7/amq-broker-rhel8-operator@sha256:9c737dd9ea0e03d26997391b7ea08c51923fdbb3bd0852f00e58d96c78c27297 (registry.redhat.io/amq7/amq-broker-rhel8-operator, tag 7.11.1-9)
* s390x: amq7/amq-broker-rhel8-operator@sha256:f3a205691b5d9f5623a52c756825c14bc37cb1c9e8997c915293d00ff18572a6 (registry.redhat.io/amq7/amq-broker-rhel8-operator, tag 7.11.1-9)
* ppc64le: amq7/amq-broker-rhel8-operator@sha256:200dabaa7d3d7ef22353e5f70e8d7b12fe36c8e7a6c39bfa518c6187d76a9f3f (registry.redhat.io/amq7/amq-broker-rhel8-operator, tag 7.11.1-9)
Vulnerabilities
CVE-2023-4065: Operator: plaintext password in operator log
* CWE: CWE-117 (Improper Output Neutralization for Logs)
* Red Hat Bugzilla ID: 2224630
* Discovery date: 2023-07-07; release date: 2023-08-23
* Description: A flaw was found in Red Hat AMQ Broker Operator, where it displayed a password defined in ActiveMQArtemisAddress CR, shown in plain text in the Operator Log. This flaw allows an authenticated local attacker to access information outside of their permissions.
* Impact: Moderate
* CVSS v3.1 base score: 5.5 (MEDIUM); vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N (attack vector local, attack complexity low, privileges required low, no user interaction, scope unchanged, confidentiality high, integrity none, availability none)
* Product status: fixed in all four container images listed under Product Tree
* References: https://access.redhat.com/security/cve/CVE-2023-4065, RHBZ#2224630 (https://bugzilla.redhat.com/show_bug.cgi?id=2224630), https://www.cve.org/CVERecord?id=CVE-2023-4065, https://nvd.nist.gov/vuln/detail/CVE-2023-4065
CVE-2023-4066: Operator: Passwords defined in secrets shown in StatefulSet yaml
* CWE: CWE-313 (Cleartext Storage in a File or on Disk)
* Red Hat Bugzilla ID: 2224677
* Discovery date: 2023-07-21; release date: 2023-08-23
* Description: A flaw was found in Red Hat's AMQ Broker, which stores certain passwords in a secret security-properties-prop-module, defined in ActivemqArtemisSecurity CR; however, they are shown in plaintext in the StatefulSet details yaml of AMQ Broker.
* Impact: Moderate
* CVSS v3.1 base score: 5.5 (MEDIUM); vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N (same metrics as CVE-2023-4065)
* Product status: fixed in all four container images listed under Product Tree
* References: https://access.redhat.com/security/cve/CVE-2023-4066, RHBZ#2224677 (https://bugzilla.redhat.com/show_bug.cgi?id=2224677), https://www.cve.org/CVERecord?id=CVE-2023-4066, https://nvd.nist.gov/vuln/detail/CVE-2023-4066
CVSS score applicability (both CVEs): The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.
Remediation (both CVEs)
Vendor fix, dated 2023-08-23T15:08:15+00:00, applying to all four container images listed under Product Tree; restart required: none. Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258. Advisory URL: https://access.redhat.com/errata/RHSA-2023:4720