High

DATE	CVE	VULNERABILITY TITLE	RISK
2023-11-08	CVE-2023-6001	Missing Authorization vulnerability in Yugabyte Yugabytedb Prometheus metrics are available without authentication. network low complexity yugabyte CWE-862	7.5
2023-08-30	CVE-2023-4640	Unspecified vulnerability in Yugabyte Yugabytedb The controller responsible for setting the logging level does not include any authorization checks to ensure the user is authenticated. network low complexity yugabyte	7.5
2019-08-05	CVE-2019-3800	Information Exposure vulnerability in multiple products CF CLI version prior to v6.45.0 (bosh release version 1.16.0) writes the client id and secret to its config file when the user authenticates with --client-credentials flag. local low complexity pivotal apigee newrelic microsoft appdynamics bluemedora contrastsecurity cyberark datadoghq datastax dynatrace forgerock google ibm pagerduty riverbed signalsciences wavefront tibco solace snyk samba splunk sumologic synopsys yugabyte anynines CWE-200	7.8