CVE-2021-42562

2022-01-1218:46:00

mitre

www.cve.org

caldera 2.8.1

user privileges

non-admin access

AI Score

8.1

Confidence

High

EPSS

0.001

Percentile

26.1%

JSON

An issue was discovered in CALDERA 2.8.1. It does not properly segregate user privileges, resulting in non-admin users having access to read and modify configuration or other components that should only be accessible by admin users.

References

github.com/DrunkenShells/Disclosures/tree/master/CVE-2021-42562-Improper%20Access%20Control-MITRE%20Caldera

github.com/mitre/caldera/releases