CVE-2018-1002102

LOW Year: 2018
CVSS v3 Score
2.6
Low
CVSS v2 Score
2.1
Low
Weakness Type
CWE-601
View all →

Vulnerability Description

Improper validation of URL redirection in the Kubernetes API server in versions prior to v1.14.0 allows an attacker-controlled Kubelet to redirect API server requests from streaming endpoints to arbitrary hosts. Impacted API servers will follow the redirect as a GET request with client-certificate credentials for authenticating to the Kubelet.

Related Vulnerabilities

CVE-2023-3515

LOW
CVSS:3.0(Low)

Open Redirect in GitHub repository go-gitea/gitea prior to 1.19.4.

CWE-6012023

CVE-2019-14882

LOW
CVSS:3.1(Low)

A vulnerability was found in Moodle 3.7 to 3.7.3, 3.6 to 3.6.7, 3.5 to 3.5.9 and earlier where an open redirect existed in the Lesson edit page.

CWE-6012019

CVE-2022-44717

LOW
CVSS:3.1(Low)

An issue was discovered in NetScout nGeniusONE 6.3.2 build 904. Open Redirection can occur (issue 1 of 2). After successful login, an attacker must visit the vulnerable parameter and inject a crafted ...

CWE-6012022

CVE-2024-21684

LOW
CVSS:3.1(Low)

There is a low severity open redirect vulnerability within affected versions of Bitbucket Data Center. Versions of Bitbucket DC from 8.0.0 to 8.9.12 and 8.19.0 to 8.19.1 are affected by this vulnerabi...

CWE-6012024

CVE-2024-28344

LOW
CVSS:3.1(Low)

An Open Redirect vulnerability was found in Sipwise C5 NGCP Dashboard below mr11.5.1. The Open Redirect vulnerability allows attackers to control the "back" parameter in the URL through a double encod...

CWE-6012024