Metrics
Affected Vendors & Products
Solution
No solution given by the vendor.
Workaround
Use a ‘deny’ wildcard for base paths, then authenticate specifics within that: Examples: ``` deny: /* authenticated: /services/* ``` or ``` deny: /services/* roles-allowed: /services/rbac/* ``` NOTE: Products are only vulnerable if they use (or allow use of) path-based HTTP policy configuration. Products may also be affected–shipping the component in question–without being vulnerable (“affected at reduced impact”). See https://access.redhat.com/security/vulnerabilities/RHSB-2023-002 for more detailed mitigations.
No history.

Status: PUBLISHED
Assigner: redhat
Published:
Updated: 2025-09-25T21:55:31.368Z
Reserved: 2023-09-08T16:10:38.379Z
Link: CVE-2023-4853

No data.

Status : Modified
Published: 2023-09-20T10:15:14.947
Modified: 2024-11-21T08:36:06.910
Link: CVE-2023-4853


No data.