Unrated severityNVD Advisory· Published Sep 1, 2022· Updated Aug 3, 2024
CVE-2022-1902
CVE-2022-1902
Description
A flaw was found in the Red Hat Advanced Cluster Security for Kubernetes. Notifier secrets were not properly sanitized in the GraphQL API. This flaw allows authenticated ACS users to retrieve Notifiers from the GraphQL API, revealing secrets that can escalate their privileges.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Red Hat Advanced Cluster Security for Kubernetes/Red Hat Advanced Cluster Security for Kubernetesdescription
Patches
Vulnerability mechanics
References
3- access.redhat.com/security/cve/CVE-2022-1902mitrex_refsource_MISC
- bugzilla.redhat.com/show_bug.cgimitrex_refsource_MISC
- github.com/stackrox/stackrox/pull/1803mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.