0.002 Low
EPSS
Percentile
61.9%
github.com/heketi/heketi does not require authentication to its management interface. This allows a remote attacker to gain unauthenticated access to management functions and perform further attacks against the application.
access.redhat.com/errata/RHSA-2019:3255
access.redhat.com/security/cve/CVE-2019-3899
bugzilla.redhat.com/show_bug.cgi?id=1701091
bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3899