exploitDog

GHSA-32w5-2rp6-rg25

Опубликовано: 02 апр. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 6.5

Описание

Permission bypass when importing or synchronizing entries in User vault in Devolutions Server 2022.3.13 and prior versions allows users with restricted rights to bypass entry permission via id collision.

Permission bypass when importing or synchronizing entries in User vault in Devolutions Server 2022.3.13 and prior versions allows users with restricted rights to bypass entry permission via id collision.

Ссылки

EPSS

Процентиль: 11%

0.00038

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-863

Связанные уязвимости

CVE-2023-1603

CVSS3: 6.5

nvd

почти 3 года назад

Permission bypass when importing or synchronizing entries in User vault in Devolutions Server 2022.3.13 and prior versions allows users with restricted rights to bypass entry permission via id collision.

EPSS

Процентиль: 11%

0.00038

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-863