A flaw was found in OpenShift. The existing Cross-Site Request Forgery (CSRF) protections in place do not properly protect GET requests, allowing for the creation of WebSockets via CSRF.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2024-02-16T15:20:53.354Z
Updated: 2024-08-01T18:33:25.609Z
Reserved: 2024-02-07T22:26:19.404Z
Link: CVE-2024-1342
Vulnrichment
Updated: 2024-08-01T18:33:25.609Z
NVD
Status : Awaiting Analysis
Published: 2024-02-16T16:15:57.543
Modified: 2024-02-16T19:26:55.393
Link: CVE-2024-1342
Redhat