CVSS3: 5.3 Medium
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: NONE
Integrity Impact: LOW
Availability Impact: NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
AI Score: 6.9 Medium (Confidence: High)
EPSS: 0.0005 Low (Percentile: 17.0%)
hail is vulnerable to Authentication Bypass. The vulnerability is due to improper validation while handling OpenID Connect (OIDC) email addresses. Because the user's email domain is not verified, an attacker can manipulate their email address to match the domain of an organization that has organization-level permissions, and so gain unauthorized access to some resources in Hail Batch clusters, such as the ability to run hail jobs.