Incomplete Protection in Rapid Reset for Red Hat's ose-olm-catalogd-container
CVE-2024-12698

6.5MEDIUM

Key Information:

Status
Red Hat Openshift Container Platform 4.18
Vendor
CVE Published:
18 December 2024

What is CVE-2024-12698?

CVE-2024-12698 represents a security vulnerability concerning the ose-olm-catalogd-container, identified by Red Hat. This issue stems from an inadequate resolution of the Rapid Reset Vulnerability (CVE-2023-39325/CVE-2023-44487), where the focus was solely on unauthenticated streams, leaving authenticated streams vulnerable. As a result, the protocol does not fully secure all data streams, exposing systems to potential unauthorized access and manipulation by malicious actors. Users of affected versions are strongly encouraged to apply the latest security updates to mitigate risks associated with this threat.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://access.redhat.com/errata/RHSA-2024:6122
vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-12698
vdb-entryx_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2332674
issue-trackingx_refsource_REDHAT

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

JSON
.