ГлавнаяУязвимости → CVE-2022-45929
8.8высокая

CVE-2022-45929

Описание

Northern.tech Mender 3.3.x before 3.3.2, 3.5.x before 3.5.0, and 3.6.x before 3.6.0 has Incorrect Access Control and allows users to change their roles and could allow privilege escalation from a low-privileged read-only user to a high-privileged user.

CVSS
Балл8.8 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Источники
https://mender.io/blog/cve-2022-45929-cve-2022-41324-improper-access-control-for-low-privileged-usershttps://northern.techhttps://mender.io/blog/cve-2022-45929-cve-2022-41324-improper-access-control-for-low-privileged-usershttps://northern.tech