GitHub Advisory DatabaseGHSA-97CP-MR4M-9MCFn8n Privilege Escalation vulnerability
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.002 Low
EPSS
Percentile
54.4%
The n8n package prior to 0.216.1 for Node.js allows Escalation of Privileges.
Affected configurations
References
github.com/advisories/GHSA-97cp-mr4m-9mcf
github.com/n8n-io/n8n/commit/1414bfa7906ea089b9dc55853405e774a5384ce2
github.com/n8n-io/n8n/pull/5526
github.com/n8n-io/n8n/releases/tag/n8n%400.216.1
nvd.nist.gov/vuln/detail/CVE-2023-27563
security.netapp.com/advisory/ntap-20230622-0007/
www.synacktiv.com/sites/default/files/2023-05/Synacktiv-N8N-Multiple-Vulnerabilities_0.pdf
Related
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.002 Low
EPSS
Percentile
54.4%