Lucene search
GoogleOSV:CVE-2023-32079HistoryAug 24, 2023 - 11:15 p.m.
CVE-2023-32079
2023-08-2423:15:08
Google
osv.dev
6
netmaker
wireguard
vulnerability
escalate privileges
patch
docker
upgrade
Netmaker makes networks with WireGuard. A Mass assignment vulnerability was found in versions prior to 0.17.1 and 0.18.6 that allows a non-admin user to escalate privileges to those of an admin user. The issue is patched in 0.17.1 and fixed in 0.18.6. If Users are using 0.17.1, they should run docker pull gravitl/netmaker:v0.17.1 and docker-compose up -d. This will switch them to the patched users If users are using v0.18.0-0.18.5, they should upgrade to v0.18.6 or later. As a workaround, someone using version 0.17.1 can pull the latest docker image of the backend and restart the server.
Related
cvelist
cvelist
CVE-2023-32079 Netmaker Privilige Escalation Vulnerability
2023-08-24 22:03:43
osv
osv
prion
prion
Design/Logic Flaw
2023-08-24 23:15:00
veracode
veracode
Privilege Escalation
2023-08-29 12:38:11
github
github
Netmaker Vulnerable to Privilege Escalation From Non Admin To Admin User
2023-08-25 18:42:53
cve
cve
CVE-2023-32079
2023-08-24 23:15:08
nvd
nvd
CVE-2023-32079
2023-08-24 23:15:08