A SMB force-authentication vulnerability exists in all versions of OPA for Windows prior to v0.68.0. The vulnerability exists because of improper input validation, allowing a user to pass an arbitrary SMB share instead of a Rego file as an argument to OPA CLI or to one of the OPA Go library’s functions.
registry.redhat.io/rhosdt/tempo Rocky
Fixed in: gateway-rhel8@sha256:5a260f0177ba665c6398b22c2f0cd86689fe86e98e7379f48eb711c8318775d8_ppc64le RHSA-2024:10948 Fixed in: operator-bundle@sha256:a980e21c5cf96387bee07f2f271e73060bb5032ac969d678dc1f718841531ecb_amd64 RHSA-2024:10948 Fixed in: gateway-rhel8@sha256:2f1053d920b634c03adf787bac07d0db0fbb4e13357ce979902baeb2ff733b90_amd64 RHSA-2024:10948 Fixed in: rhel8-operator@sha256:16785eee630f86dc75a04c1d5dd8ece16d6420cb63f1e1796ef77adcbf8662ff_amd64 RHSA-2024:10948 Fixed in: query-rhel8@sha256:3909b942c71db863fbc481af0af40f3240c9971e15eaf85bee91cc9c65ac25a8_amd64 RHSA-2024:10948 Fixed in: rhel8@sha256:98440fdde03e04959fb1bdf157d8ccbe0d0dcf203d4424ad3964e2aebc44feac_amd64 RHSA-2024:10948 Fixed in: gateway-rhel8@sha256:1640c44f165db87d174d81ad44517bd76218e4611aa6ea5c717244d4483796c4_arm64 RHSA-2024:10948 Fixed in: rhel8-operator@sha256:a7a52669ccbb713b6e1c490b3ac4a34384bca1e2b37a7e7b9027763641977f12_arm64 RHSA-2024:10948 Fixed in: query-rhel8@sha256:0def8c260423b78d00003438539c0fd4d67312a52c12ec8e255df953c101b782_arm64 RHSA-2024:10948 Fixed in: rhel8@sha256:4d301062f6bac47d758ee27b4863dc32bfeb94af8f79b22c72bfc186e6303c73_arm64 RHSA-2024:10948 Fixed in: rhel8-operator@sha256:e253ee88974b1b7369cccd809c00c5cb0e9f57a277858072637e009a427f8d50_ppc64le RHSA-2024:10948 Fixed in: query-rhel8@sha256:2a3af1845a046f2442de636e19fb34b8879492591a09097eddc228a3b283e166_ppc64le RHSA-2024:10948 Fixed in: rhel8@sha256:0fc7d7de882de2669d46e89801647587ac7ef1ea7e5573740b6b16371e5d76de_ppc64le RHSA-2024:10948 Fixed in: gateway-rhel8@sha256:af6ac3d39a420bc4d12b5214b5b34fdbfd60484409ac08e83d6e33ec3724c528_s390x RHSA-2024:10948 Fixed in: rhel8-operator@sha256:a170105e1ef1791968db593603aefba6492b3ac50aa90bbff0075b767602038c_s390x RHSA-2024:10948 Fixed in: query-rhel8@sha256:993b70c4740b88d399a0c68187adb9d0763492dede603d7989b7222f8fd5b185_s390x RHSA-2024:10948 Fixed in: rhel8@sha256:f5fa1289dcd26c961b6976d196eb800dedba7655a6545a697fc1ebe3dcb3517c_s390x RHSA-2024:10948 registry.redhat.io/rhosdt/tempo Red Hat / RHEL
Fixed in: gateway-rhel8@sha256:2f1053d920b634c03adf787bac07d0db0fbb4e13357ce979902baeb2ff733b90_amd64 RHSA-2024:10948 Fixed in: operator-bundle@sha256:a980e21c5cf96387bee07f2f271e73060bb5032ac969d678dc1f718841531ecb_amd64 RHSA-2024:10948 Fixed in: rhel8-operator@sha256:16785eee630f86dc75a04c1d5dd8ece16d6420cb63f1e1796ef77adcbf8662ff_amd64 RHSA-2024:10948 Fixed in: query-rhel8@sha256:3909b942c71db863fbc481af0af40f3240c9971e15eaf85bee91cc9c65ac25a8_amd64 RHSA-2024:10948 Fixed in: rhel8@sha256:98440fdde03e04959fb1bdf157d8ccbe0d0dcf203d4424ad3964e2aebc44feac_amd64 RHSA-2024:10948 Fixed in: gateway-rhel8@sha256:1640c44f165db87d174d81ad44517bd76218e4611aa6ea5c717244d4483796c4_arm64 RHSA-2024:10948 Fixed in: rhel8-operator@sha256:a7a52669ccbb713b6e1c490b3ac4a34384bca1e2b37a7e7b9027763641977f12_arm64 RHSA-2024:10948 Fixed in: query-rhel8@sha256:0def8c260423b78d00003438539c0fd4d67312a52c12ec8e255df953c101b782_arm64 RHSA-2024:10948 Fixed in: rhel8@sha256:4d301062f6bac47d758ee27b4863dc32bfeb94af8f79b22c72bfc186e6303c73_arm64 RHSA-2024:10948 Fixed in: gateway-rhel8@sha256:5a260f0177ba665c6398b22c2f0cd86689fe86e98e7379f48eb711c8318775d8_ppc64le RHSA-2024:10948 Fixed in: rhel8-operator@sha256:e253ee88974b1b7369cccd809c00c5cb0e9f57a277858072637e009a427f8d50_ppc64le RHSA-2024:10948 Fixed in: query-rhel8@sha256:2a3af1845a046f2442de636e19fb34b8879492591a09097eddc228a3b283e166_ppc64le RHSA-2024:10948 Fixed in: rhel8@sha256:0fc7d7de882de2669d46e89801647587ac7ef1ea7e5573740b6b16371e5d76de_ppc64le RHSA-2024:10948 Fixed in: gateway-rhel8@sha256:af6ac3d39a420bc4d12b5214b5b34fdbfd60484409ac08e83d6e33ec3724c528_s390x RHSA-2024:10948 Fixed in: rhel8-operator@sha256:a170105e1ef1791968db593603aefba6492b3ac50aa90bbff0075b767602038c_s390x RHSA-2024:10948 Fixed in: query-rhel8@sha256:993b70c4740b88d399a0c68187adb9d0763492dede603d7989b7222f8fd5b185_s390x RHSA-2024:10948 Fixed in: rhel8@sha256:f5fa1289dcd26c961b6976d196eb800dedba7655a6545a697fc1ebe3dcb3517c_s390x RHSA-2024:10948 registry.redhat.io/rhosdt/tempo-gateway Red Hat / RHEL
Fixed in: opa-rhel8@sha256:831bc3d120a4998eb256c44aa54887add11cceb817cf6a105733cfd828f58c5c_s390x RHSA-2024:10948 Fixed in: opa-rhel8@sha256:878871eb4c91180b2c4633ad7c40d0800349c665fe0c708e5c2e0e1f8d35c48c_amd64 RHSA-2024:10948 Fixed in: opa-rhel8@sha256:7d31db98b11b155b16b355342bfa2963f6bb7481738e02e4bdcf00e43d48f0a2_ppc64le RHSA-2024:10948 Fixed in: opa-rhel8@sha256:08b32341cc141f5151497b2c8a321b19dc6e666004bd72f32d5900c7874da794_arm64 RHSA-2024:10948 registry.redhat.io/rhosdt/tempo-gateway Rocky
Fixed in: opa-rhel8@sha256:831bc3d120a4998eb256c44aa54887add11cceb817cf6a105733cfd828f58c5c_s390x RHSA-2024:10948 Fixed in: opa-rhel8@sha256:08b32341cc141f5151497b2c8a321b19dc6e666004bd72f32d5900c7874da794_arm64 RHSA-2024:10948 Fixed in: opa-rhel8@sha256:7d31db98b11b155b16b355342bfa2963f6bb7481738e02e4bdcf00e43d48f0a2_ppc64le RHSA-2024:10948 Fixed in: opa-rhel8@sha256:878871eb4c91180b2c4633ad7c40d0800349c665fe0c708e5c2e0e1f8d35c48c_amd64 RHSA-2024:10948 registry.redhat.io/rhosdt/tempo-jaeger Red Hat / RHEL
Fixed in: query-rhel8@sha256:7ceea9e3ce08b9a5f0de4365e1a17e5cefe3af093f007c0ccf8b026772adcac8_amd64 RHSA-2024:10948 Fixed in: query-rhel8@sha256:09973f99b7d1f6804d11afbbb4748810d0b2b4aaca373b419d1da2150828cecb_s390x RHSA-2024:10948 Fixed in: query-rhel8@sha256:7470820932e792733adb52ff7360b2013e797d91ef0bdc9f363f9b2ae6b8f26c_arm64 RHSA-2024:10948 Fixed in: query-rhel8@sha256:df35e34b9ffed7903fba071e2a98e0da58e731cee69023745da5abbc670dc14c_ppc64le RHSA-2024:10948 registry.redhat.io/rhosdt/tempo-jaeger Rocky
Fixed in: query-rhel8@sha256:09973f99b7d1f6804d11afbbb4748810d0b2b4aaca373b419d1da2150828cecb_s390x RHSA-2024:10948 Fixed in: query-rhel8@sha256:df35e34b9ffed7903fba071e2a98e0da58e731cee69023745da5abbc670dc14c_ppc64le RHSA-2024:10948 Fixed in: query-rhel8@sha256:7470820932e792733adb52ff7360b2013e797d91ef0bdc9f363f9b2ae6b8f26c_arm64 RHSA-2024:10948 Fixed in: query-rhel8@sha256:7ceea9e3ce08b9a5f0de4365e1a17e5cefe3af093f007c0ccf8b026772adcac8_amd64 RHSA-2024:10948 Remediation is compiled from vendor and distribution security advisories. Always confirm against the linked source for your exact version and platform.
Exploitability
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction Required
Scope Unchanged
Impact
Confidentiality High
Integrity Low
Availability Low
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:L
0.32% probability of exploitation in 30 days
24th percentile
Low risk: more likely to be exploited than 24% of all known CVEs.
Other CWE-294 vulnerabilities, ordered by exploit likelihood. View all
Embed a live status badge for CVE-2024-8260 Markdown
[](https://tridentstack.com/cve/CVE-2024-8260)HTML
<a href="https://tridentstack.com/cve/CVE-2024-8260"><img src="https://tridentstack.com/cve/badge/CVE-2024-8260.svg" alt="CVE-2024-8260"></a>Find and fix vulnerabilities across your fleet TridentStack Control continuously scans your Windows, macOS, and Linux fleet for known vulnerabilities, prioritizes them by severity and active exploitation, and patches them automatically.
Start free This product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2024-09-19.