Lucene search
MendCVELIST:CVE-2022-32169HistorySep 21, 2022 - 12:00 a.m.
CVE-2022-32169 bytebase - Improper Authorization
2022-09-2100:00:00
CWE-285
Mend
www.cve.org
cve-2022
bytebase
improper authorization
unauthorized access
admin issues
endpoint
/issue
The “Bytebase” application does not restrict low privilege user to access “admin issues“ for which an unauthorized user can view the “OPEN” and “CLOSED” issues by “Admin” and the affected endpoint is “/issue”.
CNA Affected
[
{
"product": "bytebase",
"vendor": "bytebase",
"versions": [
{
"lessThan": "unspecified",
"status": "affected",
"version": "0.1.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "1.0.4",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]Related
github
github
Bytebase does not restrict low privilege user to access admin issues
2022-09-29 00:00:27
osv
osv
CVE-2022-32169
2022-09-28 10:15:09
Bytebase does not restrict low privilege user to access admin issues
2022-09-29 00:00:27
cnvd
cnvd
Bytebase Access Control Error Vulnerability
2022-09-30 00:00:00
veracode
veracode
Authorization Bypass
2022-09-29 07:12:42
nvd
nvd
CVE-2022-32169
2022-09-28 10:15:09
prion
prion
Open redirect
2022-09-28 10:15:00
cve
cve
CVE-2022-32169
2022-09-28 10:15:09