Red Hat Vulnerabilities

Product

Red Hat Enterprise Linux: 112
Red Hat Linux: 80
Red Hat JBoss Enterprise Application Platform: 64
Red Hat Ansible: 41
Red Hat Ansible Tower: 29

Countermeasures

Official Fix: 639
Temporary Fix: 0
Workaround: 5
Unavailable: 1
Not Defined: 353

Exploitability

High: 18
Functional: 0
Proof-of-Concept: 80
Unproven: 36
Not Defined: 864

Access Vector

Not Defined: 0
Physical: 1
Local: 278
Adjacent: 135
Network: 584

Authentication

Not Defined: 0
High: 16
Low: 355
None: 627

User Interaction

Not Defined: 0
Required: 132
None: 866

Number of entries per score range, by score source:

| Score | CVSSv3 Base | CVSSv3 Temp | VulDB | NVD | CNA | Vendor | Research |
|---|---|---|---|---|---|---|---|
| ≤1 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| ≤2 | 0 | 0 | 1 | 0 | 0 | 0 | 0 |
| ≤3 | 5 | 7 | 17 | 3 | 1 | 0 | 0 |
| ≤4 | 140 | 150 | 184 | 9 | 9 | 0 | 0 |
| ≤5 | 142 | 158 | 136 | 12 | 15 | 0 | 0 |
| ≤6 | 250 | 278 | 260 | 68 | 18 | 0 | 0 |
| ≤7 | 185 | 182 | 143 | 66 | 18 | 0 | 0 |
| ≤8 | 151 | 133 | 146 | 80 | 25 | 0 | 0 |
| ≤9 | 76 | 63 | 63 | 45 | 9 | 0 | 0 |
| ≤10 | 49 | 27 | 48 | 36 | 3 | 1 | 0 |

Number of entries per exploit price range:

| Price | Exploit 0-day | Exploit today |
|---|---|---|
| <1k | 1 | 660 |
| <2k | 3 | 41 |
| <5k | 127 | 124 |
| <10k | 361 | 140 |
| <25k | 446 | 33 |
| <50k | 60 | 0 |
| <100k | 0 | 0 |
| ≥100k | 0 | 0 |

Affected Products (229): 3scale (1), 3scale API Management (1), 3scale API Management Platform (4), 3scale Admin Portal (1), 389 Directory Server (3), 389-ds-base (1), A-MQ Streams (1), AMQ (2), AMQ Broker (5), Advanced Cluster Management for Kubernetes (4), Advanced Cluster Security (1), Advanced Cluster Security for Kubernetes (1), Aeolus Conductor (1), Ansible (41), Ansible Automation Hub (1), Ansible Automation Platform (6), Ansible Base (1), Ansible Community (1), Ansible Engine (16), Ansible Playbooks (1), Ansible Tower (29), Ansible Vault (1), Application Platforms (1), Automatic Bug Reporting Tool (3), Business Central (1), CMAN (1), Cairo (1), Ceph (1), Ceph Storage (5), Ceph Storage RGW (1), Ceph Storage RadosGW (2), Certificate Server (2), Certificate System (8), Certification (1), CloudForms (19), CloudForms 2 Management Engine (1), CloudForms 3.0 Management Engine (8), CloudForms 3.1 Management Engine (2), CloudForms Cloud Engine (2), CloudForms Management Engine (5), Cloudforms (1), Cloudforms 3.0 Management Engine (4), Cluster Suite (2), Conga (3), Cygwin (1), DataGrid (1), Decision Manager (2), Dependency Analytics Plugin (1), Desktop (1), Developer Hub (1), Directory Server (12), Discovery Server (1), DocBook Stylesheets (1), Docker (1), Dogtag Certificate System (3), Enterprise Application Platform (3), Enterprise Linux (112), Enterprise Linux Desktop (9), Enterprise Linux HPC Node (5), Enterprise Linux Kernel (1), Enterprise Linux OpenStack (1), Enterprise Linux OpenStack Platform (1), Enterprise Linux Server (5), Enterprise Linux Server Aus (1), Enterprise Linux Server Supplementary (1), Enterprise Linux Workstation (6), Enterprise MRG (13), Enterprise Mrg (4), Enterprise Virtualization (18), Enterprise Virtualization Hypervisor (2), Enterprise Virtualization Manager (19), Evince (4), Fedora (6), Fedora Core (6), Fedora Directory Server (1), Feedhenry Enterprise Mobile Application Platform (1), FreeIPA (6), Glint (1), GlusterFS (7), Gluster 
Storage (6), Gluster Storage Server (1), IcedTea (3), IcedTea-Web (5), IcedTea6 (2), Infinispan (2), InterChange (1), JBoss (15), JBoss A-MQ (6), JBoss Application Server (4), JBoss BPMS (4), JBoss BPM Suite (8), JBoss BRMS (4), JBoss Core Services httpd (2), JBoss Data Grid (2), JBoss Data Virtualization (3), JBoss EAP (11), JBoss Enterprise (10), JBoss Enterprise Application Platform (64), JBoss Enterprise BRMS Platform (3), JBoss Enterprise Portal Platform (11), JBoss Enterprise SOA Platform (2), JBoss Fuse (4), JBoss Operations Network (13), JBoss Portal (5), JBoss Remoting (2), JBossWeb (1), JBoss Web Framework Kit (4), JBoss Web Server (1), JBoss WildFly Application Server (1), Jboss (1), Jboss Enterprise Soa Platform (1), Jboss Enterprise Web (1), Jboss Fuse Esb Enterprise (1), Jbpm-designer (1), KIE Server (1), KON (2), Kernel (1), KeyCloak (4), Keycloak (1), Kie Workbench (1), Linux (83), Linux Advanced Workstation (1), Linux Enterprise (1), Luci (1), ManageIQ EVM (1), ManageIQ Enterprise Virtualization Manager (1), Middleware Container (1), Mobile Application Platform (1), NetworkManager (1), Network Satelite Server (1), Network Satellite (11), Network Satellite Server (6), Nfs Utils (1), OpenShift (20), OpenShift API Management (1), OpenShift Assisted Installer (1), OpenShift Container Platform (2), OpenShift Container Platform 3 (1), OpenShift Data Science (2), OpenShift Enterprise (14), OpenShift Origin (5), OpenShift Service Mesh (1), OpenStack (16), OpenStack Platform (2), OpenStack Platform Director (2), Openshift (2), Openshift Container Storage (1), Openshift node-utils (1), Openstack (4), Openstack Enterprise (1), Openstack Folsom (2), PXE Server (1), PackStack (1), PolicyKit (1), Process Automation (2), Process Automation Manager (1), Quarkus (3), Quay (7), QuickStart Cloud Installer (4), RESTEasy (3), RHN (1), RPM (1), RPM Package Manager (8), Red Hat Certificate System (2), Remoting for SOA Platform (1), RichFaces (1), SDL (1), Satellite (25), 
Single Sign-On (6), Spacewalk (9), Storage Console (1), Storage Server (2), Stronghold (2), Subscription Asset Manager (2), TUX HTTP Server (1), Uberfire (1), Undertow (2), Update Infrastructure (1), VDI (1), Virtual Desktop Service Manager (1), WildFly (10), Wildfly Elytron (1), XML Language Server (1), XML Language Support (1), adminutil (1), cman (1), containers-image (1), dtach (1), enterprise linux (1), gfs2-utils (1), hawtjni (1), insights-client (1), jboss-client (1), jboss-remoting (1), katello-headpin (1), kdelibs (1), kexec-tools (3), keycloak (1), libvirt (17), livecd-tools (1), mcstrans (1), oVirt (1), open-iscsi (1), openshift (5), openshift-clients (1), openshift-logging (1), openstack (1), openstack-neutron (1), openstack-octavia (1), policycoreutils (2), ppp (1), python-eventlet (1), redhat-certification (5), redhat-sso-7 (1), rhevm-dwh (1), rhevm-reports (3), rhncfg (1), rpcbind (1), sos (2), spacewalk-java (2), spice-activex (1), spice-gtk (1), spice-xpi (4), subscription-manager (1), sysreport (1), system-config-firewall (1), system-config-printer (1), up2date (1), yum-rhn-plugin (1)

Link to Vendor Website: https://www.redhat.com/

| Published (DD/MM/YYYY) | Base | Temp | Vulnerability | Prod | Exploitability | Countermeasure | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|
| 10/04/2024 | 7.3 | 7.3 | Red Hat Enterprise Application Platform OIDC App weak authentication | Unknown | Not Defined | Not Defined | 0.00043 | 0.05 | CVE-2023-6236 |
| 09/04/2024 | 7.3 | 7.3 | Red Hat JBoss Enterprise Application Platform HTTP Request privilege escalation | Application Server Software | Not Defined | Not Defined | 0.00043 | 0.09 | CVE-2024-1233 |
| 04/04/2024 | 3.5 | 3.5 | Red Hat Undertow FormAuthenticationMechanism denial of service | Unknown | Not Defined | Not Defined | 0.00000 | 0.04 | CVE-2023-1973 |
| 15/03/2024 | 5.9 | 5.9 | Red Hat OpenStack openstack-designate Local Privilege Escalation | Cloud Software | Not Defined | Not Defined | 0.00043 | 0.03 | CVE-2023-6725 |
| 07/03/2024 | 7.2 | 7.2 | Red Hat OpenShift kubevirt-csi Privilege Escalation | Virtualization Software | Not Defined | Not Defined | 0.00045 | 0.04 | CVE-2024-1725 |
| 29/02/2024 | 3.5 | 3.4 | Red Hat Ansible Automation Platform Websocket information disclosure | Automation Software | Not Defined | Official Fix | 0.00000 | 0.00 | CVE-2024-1657 |
| 20/02/2024 | 6.4 | 6.3 | Red Hat Undertow HTTP Upgrade WriteTimeoutStreamSinkConduit denial of service | Unknown | Not Defined | Official Fix | 0.00045 | 0.04 | CVE-2024-1635 |
| 14/02/2024 | 4.3 | 4.3 | Red Hat OpenShift Websocket cross site request forgery | Virtualization Software | Not Defined | Not Defined | 0.00043 | 0.04 | CVE-2024-1342 |
| 25/01/2024 | 4.6 | 4.6 | Red Hat OpenStack Access Rule denial of service | Cloud Software | Not Defined | Not Defined | 0.00000 | 0.02 | CVE-2023-6110 |
| 24/01/2024 | 4.8 | 4.7 | Red Hat Dependency Analytics Plugin privilege escalation | Jenkins Plugin | Not Defined | Official Fix | 0.00044 | 0.02 | CVE-2024-23905 |
| 24/01/2024 | 8.0 | 8.0 | Red Hat Quarkus JSON Payload privilege escalation | Unknown | Not Defined | Not Defined | 0.00068 | 0.04 | CVE-2023-6267 |
| 24/01/2024 | 5.5 | 5.5 | Red Hat Quarkus RestEasy JAX-RS Endpoint privilege escalation | Unknown | Not Defined | Not Defined | 0.00000 | 0.04 | CVE-2023-5675 |
| 23/01/2024 | 6.9 | 6.9 | Red Hat oVirt GenericApiGWTService CreateUserSessionCommand weak authentication | Virtualization Software | Not Defined | Official Fix | 0.00077 | 0.03 | CVE-2024-0822 |
| 19/01/2024 | 4.2 | 4.2 | Red Hat Ansible Log information disclosure | Unknown | Not Defined | Official Fix | 0.00045 | 0.02 | CVE-2024-0690 |
| 19/12/2023 | 5.5 | 5.5 | Red Hat Developer Hub Catalog Import information disclosure | Unknown | Not Defined | Official Fix | 0.00049 | 0.00 | CVE-2023-6944 |
| 18/12/2023 | 4.7 | 4.7 | Red Hat Keycloak JARM Response Redirect | Unknown | Not Defined | Not Defined | 0.00151 | 0.00 | CVE-2023-6927 |
| 15/12/2023 | 7.1 | 6.9 | Red Hat keycloak/Single Sign-On/Middleware Container/ Admin User Interface denial of service | Middleware | Not Defined | Official Fix | 0.00092 | 0.02 | CVE-2023-6563 |
| 09/12/2023 | 7.4 | 7.3 | Red Hat Quarkus Websocket Remote Code Execution | Unknown | Not Defined | Official Fix | 0.00067 | 0.02 | CVE-2023-6394 |
| 03/11/2023 | 5.4 | 5.4 | Red Hat 3scale Admin Portal API Management information disclosure | Unknown | Not Defined | Not Defined | 0.00043 | 0.07 | CVE-2023-4910 |
| 02/11/2023 | 3.5 | 3.5 | Red Hat Ansible Template privilege escalation | Unknown | Not Defined | Not Defined | 0.00042 | 0.07 | CVE-2023-5764 |
| 01/11/2023 | 6.0 | 6.0 | Red Hat python-eventlet denial of service | Programming Language Software | Not Defined | Official Fix | 0.00054 | 0.02 | CVE-2023-5625 |
| 06/10/2023 | 3.5 | 3.4 | Red Hat JBoss Enterprise Application Platform Class privilege escalation | Application Server Software | Not Defined | Official Fix | 0.00362 | 0.00 | CVE-2023-3171 |
| 06/10/2023 | 2.4 | 2.4 | Red Hat WildFly Management User RBAC privilege escalation | Application Server Software | Not Defined | Not Defined | 0.00075 | 0.00 | CVE-2023-4061 |
| 05/10/2023 | 4.7 | 4.7 | Red Hat OpenShift API privilege escalation | Virtualization Software | Not Defined | Not Defined | 0.00048 | 0.00 | CVE-2022-3248 |
| 05/10/2023 | 5.5 | 5.5 | Red Hat OpenShift Node Role Label Privilege Escalation | Virtualization Software | Not Defined | Not Defined | 0.00133 | 0.00 | CVE-2023-5408 |

973 more entries are not shown
