Vulnerabilities exist for unauthorized access to sensitive information and application closure

# Detail
According to analysis and research, malicious attackers can use this unauthorized access vulnerability to obtain plaintext configuration information of redis, mongodb, rabbitmq and other applications on the cloud without authorization, and can further use these configuration information to obtain sensitive data on the cloud. In addition, the Dapr Dashboard configured with the Actions option (v0.2.0 verified) can be closed by a malicious attacker without authorization, causing business interruption.

# Example
![image](https://user-images.githubusercontent.com/91301016/192734336-9ba8229d-bf54-464a-9a5e-85caf3f1ffd9.png)
![image](https://user-images.githubusercontent.com/91301016/192735033-fe7702c1-cb52-4a5f-81b4-8efeb17fb724.png)

# Repair
**Temporary Mitigation**: Strict whitelist access controls can be applied to affected assets.
**Solution**: Add login authentication for Dapr Dashboard.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Vulnerabilities exist for unauthorized access to sensitive information and application closure #222

Detail

Example

Repair

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Vulnerabilities exist for unauthorized access to sensitive information and application closure #222

Description

Detail

Example

Repair

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions