VYPR

rhacm

by Red Hat

CVEs (2)

  • CVE-2022-3841Jan 11, 2023
    risk 0.00cvss epss 0.00

    RHACM: unauthenticated SSRF in console API endpoint. A Server-Side Request Forgery (SSRF) vulnerability was found in the console API endpoint from Red Hat Advanced Cluster Management for Kubernetes (RHACM). An attacker could take advantage of this as the console API endpoint is…

  • CVE-2020-25688Nov 23, 2020
    risk 0.00cvss epss 0.00

    A flaw was found in rhacm versions before 2.0.5 and before 2.1.0. Two internal service APIs were incorrectly provisioned using a test certificate from the source repository. This would result in all installations using the same certificates. If an attacker could observe network…