Vulnerabilities (CVE)

Filtered by vendor Mirantis Subscribe
Filtered by product Container Cloud Lens Extension
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-0484 1 Mirantis 1 Container Cloud Lens Extension 2024-02-04 6.8 MEDIUM 8.8 HIGH
Lack of validation of URLs causes Mirantis Container Cloud Lens Extension before v3.1.1 to open external programs other than the default browser to perform sign on to a new cluster. An attacker could host a webserver which serves a malicious Mirantis Container Cloud configuration file and induce the victim to add a new cluster via its URL. This issue affects: Mirantis Mirantis Container Cloud Lens Extension v3 versions prior to v3.1.1.