Lucene search
China National Vulnerability DatabaseCNVD-2022-08148HistoryJan 27, 2022 - 12:00 a.m.
OneBlog permission permission and access control issues vulnerability
2022-01-2700:00:00
China National Vulnerability Database
www.cnvd.org.cn
6
oneblog
java
permission
access control
vulnerability
network system
product
unauthorized roles
administrators
exploit
senior administrators
privileges
cnvd
EPSS
0.001
Percentile
24.8%
OneBlog is a beautiful, powerful Java blog. OneBlog in version 2.2.8 and earlier is vulnerable to a permission permission and access control issue, which stems from a network system or product that does not properly restrict access to resources from unauthorized roles. An attacker could exploit the vulnerability to cause lower-level administrators can remove senior administrators who exceed their privileges.
Related
cvelist
cvelist
CVE-2021-46085
2022-01-25 15:52:24
prion
prion
Design/Logic Flaw
2022-01-25 16:15:00
osv
osv
CVE-2021-46085
2022-01-25 16:15:08
nvd
nvd
CVE-2021-46085
2022-01-25 16:15:08
cve
cve
CVE-2021-46085
2022-01-25 16:15:08