Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.6
CVE-2024-6840
- EPSS 0.14%
- Published 12.09.2024 17:15:05
- Last modified 12.09.2024 18:14:03
An improper authorization flaw exists in the Ansible Automation Controller. This flaw allows an attacker using the k8S API server to send an HTTP request with a service account token mounted via `automountServiceAccountToken: true`, resulting in priv...
5.4
CVE-2023-3971
- EPSS 0.44%
- Published 04.10.2023 15:15:12
- Last modified 21.11.2024 08:18:25
An HTML injection flaw was found in Controller in the user interface settings. This flaw allows an attacker to capture credentials by creating a custom login page by injecting HTML, resulting in a complete compromise.
1