CVE-2022-46383

2022-12-0600:00:00

mitre

www.cve.org

vulnerability

digital rebar

privileged token

api endpoint

access control

AI Score

9.6

Confidence

High

EPSS

0.003

Percentile

66.2%

JSON

RackN Digital Rebar through 4.6.14, 4.7 through 4.7.22, 4.8 through 4.8.5, 4.9 through 4.9.12, and 4.10 through 4.10.8 has exposed a privileged token via a public API endpoint (Incorrect Access Control). The token can be used to escalate privileges within the Digital Rebar system and grant full administrative access.

References

docs.rackn.io/en/latest/doc/security/cve_2022_46383.html

rackn.com/products/rebar/