Количество 2
Количество 2
CVE-2022-36110
Netmaker makes networks with WireGuard. Prior to version 0.15.1, Improper Authorization functions lead to non-privileged users running privileged API calls. If someone adds users to the Netmaker platform who do not have admin privileges, they can use their auth tokens to run admin-level functions via the API. This problem has been patched in v0.15.1.
GHSA-ggf6-638m-vqmg
Netmaker vulnerable to Insufficient Granularity of Access Control
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2022-36110 Netmaker makes networks with WireGuard. Prior to version 0.15.1, Improper Authorization functions lead to non-privileged users running privileged API calls. If someone adds users to the Netmaker platform who do not have admin privileges, they can use their auth tokens to run admin-level functions via the API. This problem has been patched in v0.15.1. | CVSS3: 8.8 | 0% Низкий | больше 3 лет назад |
| GHSA-ggf6-638m-vqmg Netmaker vulnerable to Insufficient Granularity of Access Control | CVSS3: 8.8 | 0% Низкий | больше 3 лет назад |
Уязвимостей на страницу