Vulnerabilities > CVE-2024-50312 - Unspecified vulnerability in Redhat Openshift Container Platform 4.0

CVSS 5.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

LOW

Integrity impact

NONE

Availability impact

NONE

network

low complexity

redhat

NVD

Published: 2024-10-22

Updated: 2024-10-30

Summary

A vulnerability was found in GraphQL due to improper access controls on the GraphQL introspection query. This flaw allows unauthorized users to retrieve a comprehensive list of available queries and mutations. Exposure to this flaw increases the attack surface, as it can facilitate the discovery of flaws or errors specific to the application's GraphQL implementation.

Vulnerable Configurations

Part	Description	Count
Application	Redhat Redhat Openshift Container Platform 4.0	1

References

https://access.redhat.com/security/cve/CVE-2024-50312
https://bugzilla.redhat.com/show_bug.cgi?id=2319378
https://github.com/openshift/console/pull/14409/files