Lucene search
RedhatCVELIST:CVE-2018-10937HistorySep 11, 2018 - 4:00 p.m.
CVE-2018-10937
2018-09-1116:00:00
CWE-79
redhat
www.cve.org
2
4.6 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L
0.001 Low
EPSS
Percentile
48.2%
A cross site scripting flaw exists in the tetonic-console component of Openshift Container Platform 3.11. An attacker with the ability to create pods can use this flaw to perform actions on the K8s API as the victim.
CNA Affected
[
{
"product": "Openshift Container Platform",
"vendor": "Red Hat",
"versions": [
{
"status": "affected",
"version": "3.11"
}
]
}
]Related
nvd
nvd
CVE-2018-10937
2018-09-11 16:29:00
osv
osv
CVE-2018-10937
2018-09-11 16:29:00
veracode
veracode
Cross-Site Request Forgery (CSRF)
2018-08-28 06:11:36
prion
prion
Cross site scripting
2018-09-11 16:29:00
cve
cve
CVE-2018-10937
2018-09-11 16:29:00
redhatcve
redhatcve
CVE-2018-10937
2020-04-09 10:18:13
4.6 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L
0.001 Low
EPSS
Percentile
48.2%
Related for CVELIST:CVE-2018-10937