Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2018-25032 CVE-2021-3634 CVE-2021-3672 CVE-2021-3737 CVE-2021-4189 CVE-2021-23177 CVE-2021-23222 CVE-2021-25219 CVE-2021-31566 CVE-2022-0778 CVE-2022-1154 CVE-2022-1271 CVE-2022-1902 CVE-2022-24407

Source

Synopsis

Important: RHACS 3.68 security update

Type/Severity

Security Advisory: Important

Topic

Updated images are now available for Red Hat Advanced Cluster Security for Kubernetes (RHACS). The updated image includes bug and security fixes.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Release of RHACS 3.68.2

Security Fix(es):

stackrox: Improper sanitization allows users to retrieve Notifier secrets from GraphQL API in plaintext (CVE-2022-1902)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

If you are using the RHACS 3.68.1, you are advised to upgrade to patch release 3.68.2.

Affected Products

Red Hat Advanced Cluster Security for Kubernetes 3 x86_64

Fixes

BZ - 2090957 - CVE-2022-1902 stackrox: Improper sanitization allows users to retrieve Notifier secrets from GraphQL API in plaintext
ROX-9657 - Patch supported RHACS images previous to 3.69.0 release to fix RHSA-2022:0658
ROX-11391 - Release RHACS 3.68.2

CVEs

References

https://access.redhat.com/security/updates/classification/#important

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook