Redpanda before 23.1.21 and 23.2.x before 23.2.18 has missing authorization checks in the Transactions API.
References
Link | Resource |
---|---|
https://github.com/redpanda-data/redpanda/compare/v23.1.20...v23.1.21 | Release Notes |
https://github.com/redpanda-data/redpanda/compare/v23.2.17...v23.2.18 | Release Notes |
https://github.com/redpanda-data/redpanda/issues/15048 | Exploit Issue Tracking |
https://github.com/redpanda-data/redpanda/pull/14969 | Issue Tracking Patch |
https://github.com/redpanda-data/redpanda/pull/15060 | Issue Tracking Patch |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2023-12-17T00:00:00
Updated: 2023-12-17T23:15:09.141264
Reserved: 2023-12-17T00:00:00
Link: CVE-2023-50976
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-12-18T00:15:11.253
Modified: 2023-12-22T21:23:23.067
Link: CVE-2023-50976
JSON object: View
Redhat Information
No data.
CWE