Kiali 1.15.1

CPE Details

Kiali 1.15.1
1.15.1
2020-03-27
13h00 +00:00
2020-03-27
13h00 +00:00
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:kiali:kiali:1.15.1:*:*:*:*:*:*:*

Informations

Vendor

kiali

Product

kiali

Version

1.15.1

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2021-20278 2021-05-28 08h42 +00:00 An authentication bypass vulnerability was found in Kiali in versions before 1.31.0 when the authentication strategy `OpenID` is used. When RBAC is enabled, Kiali assumes that some of the token validation is handled by the underlying cluster. When OpenID `implicit flow` is used with RBAC turned off, this token validation doesn't occur, and this allows a malicious user to bypass the authentication.
6.5
Moyen