Lucene search
GoogleOSV:CVE-2023-47090HistoryOct 30, 2023 - 5:15 p.m.
CVE-2023-47090
2023-10-3017:15:52
Google
osv.dev
6
nats nats-server
authentication bypass
cve-2023-47090
software
authorization block
unauthenticated access
configuration
affected version
NATS nats-server before 2.9.23 and 2.10.x before 2.10.2 has an authentication bypass. An implicit $G user in an authorization block can sometimes be used for unauthenticated access, even when the intention of the configuration was for each user to have an account. The earliest affected version is 2.2.0.
Related
nessus
nessus
CBL Mariner 2.0 Security Update: telegraf (CVE-2023-47090)
2024-07-03 00:00:00
ubuntucve
ubuntucve
CVE-2023-47090
2023-10-30 00:00:00
github
github
NATS.io: Adding accounts for just the system account adds auth bypass
2023-10-19 16:13:03
cbl_mariner
cbl_mariner
CVE-2023-47090 affecting package telegraf for versions less than 1.28.5-1
2024-01-14 22:46:30
CVE-2023-47090 affecting package telegraf for versions less than 1.29.4-1
2024-04-17 22:02:46
veracode
veracode
Authentication Bypass
2023-10-31 06:24:29
osv
osv
NATS.io: Adding accounts for just the system account adds auth bypass
2023-10-19 16:13:03
Authorization bypass in github.com/nats-io/nats-server/v2
2023-10-24 20:27:36
CGA-8wrr-6c9x-2fp2
2024-06-06 12:25:18
debiancve
debiancve
CVE-2023-47090
2023-10-30 17:15:52
cgr
cgr
CVE-2023-47090 vulnerabilities
2024-05-19 03:07:16
cvelist
cvelist
CVE-2023-47090
2023-10-30 00:00:00
nvd
nvd
CVE-2023-47090
2023-10-30 17:15:52
cve
cve
CVE-2023-47090
2023-10-30 17:15:52
prion
prion
Authentication flaw
2023-10-30 17:15:00
wolfi
wolfi
CVE-2023-47090 vulnerabilities
2024-07-26 21:09:29