Описание
Authentication bypass in vector-admin allows a user to register to a vector-admin server while “domain restriction” is active, even when not owning an authorized email address.
Ссылки
- Patch
- PatchThird Party Advisory
- Patch
- PatchThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2024-01-23 (исключая)
cpe:2.3:a:mintplexlabs:vector_admin:*:*:*:*:*:*:*:*
EPSS
Процентиль: 8%
0.00028
Низкий
6.5 Medium
CVSS3
4.3 Medium
CVSS3
Дефекты
CWE-287
Связанные уязвимости
CVSS3: 6.5
github
около 2 лет назад
Authentication bypass in vector-admin allows a user to register to a vector-admin server while “domain restriction” is active, even when not owning an authorized email address.
EPSS
Процентиль: 8%
0.00028
Низкий
6.5 Medium
CVSS3
4.3 Medium
CVSS3
Дефекты
CWE-287