Published: 28/12/2022 Updated: 11/04/2024

CVSS v3 Base Score: 5.9 | Impact Score: 3.6 | Exploitability Score: 2.2

VMScore: 0

A vulnerability was found in OpenShift OSIN. It has been classified as problematic. This affects the function ClientSecretMatches/CheckClientSecret. The manipulation of the argument secret leads to observable timing discrepancy. The name of the patch is 8612686d6dda34ae9ef6b5a974e4b7accb4fea29. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-216987.

Vulnerable Product	Search on Vulmon	Subscribe to Product
redhat openshift container platform 4.0
redhat openshift osin 1.0.1
redhat openshift osin 1.0.0

DescriptionThe MITRE CVE dictionary describes this issue as: A vulnerability was found in OpenShift OSIN It has been classified as problematic This affects the function ClientSecretMatches/CheckClientSecret The manipulation of the argument secret leads to observable timing discrepancy The name of the patch is 8612686d6dda34ae9ef6b5a974e4b7accb4 ...

CWE-203 https://vuldb.com/?id.216987 https://github.com/openshift/osin/commit/8612686d6dda34ae9ef6b5a974e4b7accb4fea29 https://github.com/openshift/osin/pull/200 https://vuldb.com/?ctiid.216987 https://nvd.nist.gov https://access.redhat.com/security/cve/cve-2021-4294

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2021-4294

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect