Volume Identifier Information Leakage in Velero (prior to 1.4.3 and 1.5.2)
CVE-2020-3996 · MEDIUM Severity
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Velero (prior to 1.4.3 and 1.5.2) in some instances doesn’t properly manage volume identifiers which may result in information leakage to unauthorized users.
Learn more about our User Device Pen Test.