Описание
CloudExplorer Lite is an open source cloud management tool. In affected versions users can add themselves to any organization in CloudExplorer Lite. This is due to a missing permission check on the user profile. It is recommended to upgrade the version to v1.1.0. There are no known workarounds for this vulnerability.
Ссылки
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.1.0 (исключая)
cpe:2.3:a:fit2cloud:cloudexplorer:*:*:*:*:lite:*:*:*
EPSS
Процентиль: 29%
0.00107
Низкий
7.1 High
CVSS3
4.3 Medium
CVSS3
Дефекты
CWE-862
CWE-862
EPSS
Процентиль: 29%
0.00107
Низкий
7.1 High
CVSS3
4.3 Medium
CVSS3
Дефекты
CWE-862
CWE-862