Vulnerabilities > Redhat > Advanced Cluster Management FOR Kubernetes > Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2022-09-01	CVE-2022-2238	SQL Injection vulnerability in Redhat Advanced Cluster Management for Kubernetes 2.0 A vulnerability was found in the search-api container in Red Hat Advanced Cluster Management for Kubernetes when a query in the search filter gets parsed by the backend. network low complexity redhat CWE-89	6.5
2020-11-09	CVE-2020-25655	Incorrect Authorization vulnerability in Redhat Advanced Cluster Management for Kubernetes 2.0 An issue was discovered in ManagedClusterView API, that could allow secrets to be disclosed to users without the correct permissions. network low complexity redhat CWE-863	6.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.