Vulnerabilidades em edgexfoundry
3 resultadosCVE-2021-32753HIGHWeak password in API gateway in EdgeX Foundry Edinburgh, Fuji, Geneva, and Hanoi releases allows remote attackers to obtain authentication token via dictionary-based password attack when OAuth2 authentication method is enabled.EPSS 0.8%CVE-2021-41278MEDIUMBroken encryption in app-functions-sdk “AES” transform in EdgeX Foundry releases prior to Jakarta allows attackers to decrypt messages via unspecified vectorsEPSS 0.3%CVE-2022-31066MEDIUMConfiguration API in EdgeXFoundry exposes message bus credentials to local unauthenticated usersEPSS 0.3%