RosarioSIS Improper Access Control vulnerability

2023-02-2403:30:14

Google

osv.dev

github

vulnerability

software

access control

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

0.001 Low

EPSS

Percentile

47.4%

JSON

Improper Access Control in GitHub repository francoisjacquet/rosariosis prior to 10.8.2.

CPENameOperatorVersion
francoisjacquet/rosariosiseq7.0
francoisjacquet/rosariosiseq6.0-beta
francoisjacquet/rosariosiseq5.8-beta3
francoisjacquet/rosariosiseq7.1
francoisjacquet/rosariosiseq7.9.2
francoisjacquet/rosariosiseq5.5.1
francoisjacquet/rosariosiseq6.4.2
francoisjacquet/rosariosiseq5.4.5
francoisjacquet/rosariosiseq6.7.1
francoisjacquet/rosariosiseq5.4.6

Name	Operator	Version
francoisjacquet/rosariosis	eq	7.0
francoisjacquet/rosariosis	eq	6.0-beta
francoisjacquet/rosariosis	eq	5.8-beta3
francoisjacquet/rosariosis	eq	7.1
francoisjacquet/rosariosis	eq	7.9.2
francoisjacquet/rosariosis	eq	5.5.1
francoisjacquet/rosariosis	eq	6.4.2
francoisjacquet/rosariosis	eq	5.4.5
francoisjacquet/rosariosis	eq	6.7.1
francoisjacquet/rosariosis	eq	5.4.6