DescriptionA Missing Authentication for Critical Function vulnerability in longhorn of SUSE Longhorn allows attackers to connect to a longhorn-engine replica instance granting it the ability to read and write data to and from a replica that they should not have access to. This issue affects: SUSE Longhorn longhorn versions prior to 1.1.3; longhorn versions prior to 1.2.3v.
Upstream Security Advisories:
Overall state of this security issue: Does not affect SUSE products
This issue is currently rated as having important severity.
|National Vulnerability Database|
|Access Vector||Adjacent Network|
|National Vulnerability Database||SUSE|
|Attack Vector||Adjacent Network||Adjacent Network|
SUSE Security Advisories:
- GHSA-27q8-g55w-83p9, published Fri Dec 17 06:45:33 CET 2021
SUSE Timeline for this CVECVE page created: Tue Oct 19 12:00:48 2021
CVE page last modified: Thu Jan 19 18:23:15 2023