CVE-2024-5037
published 2024-06-05CVE-2024-5037: A flaw was found in OpenShift's Telemeter. If certain conditions are in place, an attacker can use a forged token to bypass the issue ("iss") check during JSON…
high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
A flaw was found in OpenShift's Telemeter. If certain conditions are in place, an attacker can use a forged token to bypass the issue ("iss") check during JSON web token (JWT) authentication.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| redhat | openshift_container_platform | — | — |
| redhat | openshift_distributed_tracing | — | — |