Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.9
CVSSv2

CVE-2020-10689

Published: 03/04/2020 Updated: 07/11/2023
CVSS v2 Base Score: 4.9 | Impact Score: 6.4 | Exploitability Score: 4.4
CVSS v3 Base Score: 6.8 | Impact Score: 5.9 | Exploitability Score: 0.9
VMScore: 436
Vector: AV:A/AC:M/Au:S/C:P/I:P/A:P
Subscribe to Eclipse

Vulnerability Summary

A flaw was found in the Eclipse Che up to version 7.8.x, where it did not properly restrict access to workspace pods. An authenticated user can exploit this flaw to bypass JWT proxy and gain access to the workspace pods of another user. Successful exploitation requires knowledge of the service name and namespace of the target pod.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

eclipse che

Vendor Advisories

Red Hat: Moderate: Red Hat CodeReady Workspaces 2.1.0 release
Synopsis Moderate: Red Hat CodeReady Workspaces 210 release Type/Severity Security Advisory: Moderate Topic Red Hat CodeReady Workspaces 210 has been releasedRed Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base score, ...

References

NVD-CWE-Otherhttps://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10689https://github.com/eclipse/che/issues/15651https://access.redhat.com/errata/RHSA-2020:1475https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322cross-site request forgeryunauthorizedCVE-2024-33925reflected XSSCVE-2023-51580CVE-2023-51579CVE-2015-2051CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook