A vulnerability has been identified in which unauthenticated cross-site
scripting (XSS) in the API Server's public API endpoint can be
exploited, allowing an attacker to execute arbitrary JavaScript code in the victim browser
Metrics
Affected Vendors & Products
References
History
Wed, 16 Oct 2024 18:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Kubernetes
Kubernetes apiserver |
|
CPEs | cpe:2.3:a:kubernetes:apiserver:*:*:*:*:*:*:*:* | |
Vendors & Products |
Kubernetes
Kubernetes apiserver |
|
Metrics |
ssvc
|
Wed, 16 Oct 2024 12:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A vulnerability has been identified in which unauthenticated cross-site scripting (XSS) in the API Server's public API endpoint can be exploited, allowing an attacker to execute arbitrary JavaScript code in the victim browser | |
Title | Rancher API Server Cross-site Scripting Vulnerability | |
Weaknesses | CWE-80 | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: suse
Published: 2024-10-16T12:23:17.271Z
Updated: 2024-10-16T17:25:48.514Z
Reserved: 2023-05-04T08:30:59.322Z
Link: CVE-2023-32192
Vulnrichment
Updated: 2024-10-16T16:25:36.703Z
NVD
Status : Awaiting Analysis
Published: 2024-10-16T13:15:12.297
Modified: 2024-10-16T16:38:14.557
Link: CVE-2023-32192
Redhat
No data.