Описание
An issue was discovered in CALDERA 2.8.1. It does not properly segregate user privileges, resulting in non-admin users having access to read and modify configuration or other components that should only be accessible by admin users.
Ссылки
- ExploitThird Party Advisory
- Release NotesThird Party Advisory
- ExploitThird Party Advisory
- Release NotesThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2.8.1 (включая)
cpe:2.3:a:mitre:caldera:*:*:*:*:*:*:*:*
EPSS
Процентиль: 75%
0.00882
Низкий
8.1 High
CVSS3
5.5 Medium
CVSS2
Дефекты
CWE-269
Связанные уязвимости
CVSS3: 8.1
github
около 4 лет назад
An issue was discovered in CALDERA 2.8.1. It does not properly segregate user privileges, resulting in non-admin users having access to read and modify configuration or other components that should only be accessible by admin users.
EPSS
Процентиль: 75%
0.00882
Низкий
8.1 High
CVSS3
5.5 Medium
CVSS2
Дефекты
CWE-269