Lucene search
GoogleOSV:BIT-HARBOR-2024-22278HistoryAug 10, 2024 - 7:20 a.m.
BIT-harbor-2024-22278
2024-08-1007:20:13
Google
osv.dev
3
harbor
permission validation
authenticated users
configurations
software
CVSS3
6.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L
AI Score
6.5
Confidence
Low
EPSS
0
Percentile
14.5%
Incorrect user permission validation in Harbor <v2.9.5 and Harbor <v2.10.3 allows authenticated users to modify configurations.
Related
github
github
osv
osv
Harbor fails to validate the user permissions when updating project configurations in github.com/goharbor/harbor
2024-08-06 22:03:16
Harbor fails to validate the user permissions when updating project configurations
2024-07-31 16:53:13
CVE-2024-22278
2024-08-02 01:15:23
veracode
veracode
Improper Permission Validation
2024-08-01 05:55:49
cve
cve
CVE-2024-22278
2024-08-02 01:15:23
vulnrichment
vulnrichment
cvelist
cvelist
nvd
nvd
CVE-2024-22278
2024-08-02 01:15:23
CVSS3
6.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L
AI Score
6.5
Confidence
Low
EPSS
0
Percentile
14.5%
Related for OSV:BIT-HARBOR-2024-22278