CVE-2020-1761 Vulnerability Details

  /     /     /  

CVE-2020-1761 Metadata Quick Info

CVE Published: 27/05/2021 | CVE Updated: 04/08/2024 | CVE Year: 2020
Source: redhat | Vendor: n/a | Product: openshift/console
Status : PUBLISHED

---

CVE-2020-1761 Description

A flaw was found in the OpenShift web console, where the access token is stored in the browser\'s local storage. An attacker can use this flaw to get the access token via physical access, or an XSS attack on the victim\'s browser. This flaw affects openshift/console versions before openshift/console-4.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID: CWE-358
CWE Name: CWE-358
Source: n/a

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).