{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-23T18:12:31.914","vulnerabilities":[{"cve":{"id":"CVE-2019-3899","sourceIdentifier":"secalert@redhat.com","published":"2019-04-22T16:29:01.787","lastModified":"2024-11-21T04:42:49.427","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"It was found that default configuration of Heketi does not require any authentication potentially exposing the management interface to misuse. This isue only affects heketi as shipped with Openshift Container Platform 3.11."},{"lang":"es","value":"Se encontró que la configuración predeterminada de Heketi no requiere ninguna autenticación, y expone potencialmente la interfaz de gestión a un mal uso. Esta situación sólo afecta a heketi tal y como se envía con Openshift Container Platform versión 3.11."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV30":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":3.4}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-592"}]},{"source":"nvd@nist.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-306"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*","matchCriteriaId":"2F87326E-0B56-4356-A889-73D026DB1D4B"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:heketi_project:heketi:-:*:*:*:*:*:*:*","matchCriteriaId":"6BC41E3F-D4DC-468D-BC6D-4B5F7B679DE3"}]}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2019:3255","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3899","source":"secalert@redhat.com","tags":["Issue Tracking","Mitigation","Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2019:3255","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3899","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Mitigation","Third Party Advisory"]}]}}]}