exploitDog

CVE-2022-25318

Опубликовано: 18 фев. 2022

Источник: nvd

CVSS3: 4.3

CVSS2: 4

EPSS Низкий

Описание

An issue was discovered in Cerebrate through 1.4. An incorrect sharing group ACL allowed an unprivileged user to edit and modify sharing groups.

Ссылки

https://github.com/cerebrate-project/cerebrate/commit/15190b930ebada9e8d294db57c96832799d9d93e
Patch
Third Party Advisory
https://zigrin.com/advisories/cerebrate-an-incorrect-sharing-group-acl/
Third Party Advisory
https://github.com/cerebrate-project/cerebrate/commit/15190b930ebada9e8d294db57c96832799d9d93e
Patch
Third Party Advisory
https://zigrin.com/advisories/cerebrate-an-incorrect-sharing-group-acl/
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:cerebrate-project:cerebrate:*:*:*:*:*:*:*:*

Версия до 1.4 (включая)

EPSS

Процентиль: 36%

0.00154

Низкий

4.3 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-863

Связанные уязвимости

GHSA-w5qc-7g9r-478j

CVSS3: 4.3

github

почти 4 года назад

An issue was discovered in Cerebrate through 1.4. An incorrect sharing group ACL allowed an unprivileged user to edit and modify sharing groups.

EPSS

Процентиль: 36%

0.00154

Низкий

4.3 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-863