144 matches found
GHSA-26HR-Q2WP-RVC5 User with permission to write actions can impersonate another user when auth token is configured in environment variable
Impact When lakeFS is configured with ALL of the following: - Configuration option auth.encrypt.secretkey passed through environment variable - Actions enabled via configuration option actions.enabled default enabled then a user who can configure an action can impersonate any other user. Patches...
CVE-2023-41904
Zoho ManageEngine ADManager Plus before 7203 allows 2FA bypass for AuthToken generation in REST APIs...
CVE-2023-41904
Zoho ManageEngine ADManager Plus before 7203 allows 2FA bypass for AuthToken generation in REST APIs...
PT-2023-16542 · Red Hat +1 · Openshift Console +1
Name of the Vulnerable Software and Affected Versions: OpenShift console affected versions not specified Description: A flaw was found in the Network Observability plugin for OpenShift console. Unless the Loki authToken configuration is set to FORWARD mode, authentication is no longer enforced,...
aldryn-django (>=4.2.10.0 <=4.2.18.0), alertwise (=1.0.0) +114 more potentially affected by CVE-2023-36053 via django (>=4.2.0 <=4.2.29)
django PYPI version =4.2.0, =4.2.10.0, =65.10.0, =7.5.1, =1.0.2, =0.0.1, =1.3.9, =0.4.0, =0.0.1, =4.16.2, =4.8.0, =0.0.4.dev0, =8.0.0, =8.5.1 and more Source cves: CVE-2023-36053 Source advisory: OSV:GHSA-JH3W-4VVF-MJGR...
CVE-2023-26258
Arcserve UDP through 9.0.6034 allows authentication bypass. The method getVersionInfo at WebServiceImpl/services/FlashServiceImpl leaks the AuthUUID token. This token can be used at /WebServiceImpl/services/VirtualStandbyServiceImpl to obtain a valid session. This session can be used to execute a...
CVE-2023-24030
An open redirect vulnerability exists in the /preauth Servlet in Zimbra Collaboration Suite through 9.0 and 8.8.15. To exploit the vulnerability, an attacker would need to have obtained a valid zimbra auth token or a valid preauth token. Once the token is obtained, an attacker could redirect a us...
missing permission check for API /setting/workspace/member/update
Proof of Concept 1 user1 是workspace1的空间管理员 2 user2 是workspace1的成员 3 user1 更新user2的信息,比如将其更新为空间管理员 4 使用burpsuite拦截请求 POST /setting/workspace/member/update HTTP/1.1 Host: 192.168.213.128:8081 Content-Length: 144 Accept-Language: zh-CN WORKSPACE: bd6fc04b-15af-43dc-8cb6-411deaec81a7 User-Agent:...
UBUNTU-CVE-2023-1387
Grafana is an open-source platform for monitoring and observability. Starting with the 9.1 branch, Grafana introduced the ability to search for a JWT in the URL query parameter authtoken and use it as the authentication token. By enabling the "urllogin" configuration option disabled by default, a...
JWT URL-login flow leaks token to data sources through request parameter in proxy requests
Grafana is an open-source platform for monitoring and observability. Starting with the 9.1 branch, Grafana introduced the ability to search for a JWT in the URL query parameter authtoken and use it as the authentication token. By enabling the “urllogin” configuration option disabled by default, a...
PT-2022-26184 · Unknown · Bigbluebutton
Name of the Vulnerable Software and Affected Versions: BigBlueButton versions prior to 2.4.3 Description: The issue is related to Insufficient Verification of Data Authenticity, resulting in Denial of Service. An attacker can make a Meteor call to validateAuthToken using a victim's userId,...
CVE-2022-24414
Dell EMC CloudLink 7.1.3 and all earlier versions, Auth Token is exposed in GET requests. These request parameters can get logged in reverse proxies and server logs. Attackers may potentially use these tokens to access CloudLink server. Tokens should not be used in request URL to avoid such attac...
Design/Logic Flaw
Dell EMC CloudLink 7.1.3 and all earlier versions, Auth Token is exposed in GET requests. These request parameters can get logged in reverse proxies and server logs. Attackers may potentially use these tokens to access CloudLink server. Tokens should not be used in request URL to avoid such attac...
CVE-2022-24414
Dell EMC CloudLink 7.1.3 and all earlier versions, Auth Token is exposed in GET requests. These request parameters can get logged in reverse proxies and server logs. Attackers may potentially use these tokens to access CloudLink server. Tokens should not be used in request URL to avoid such attac...
CVE-2022-24414
CVE-2022-24414 affects Dell EMC CloudLink 7.1.3 and earlier. The authentication token is exposed in GET request parameters, which can be logged by reverse proxies and servers, potentially allowing attackers to access the CloudLink server. The underlying issue is insecure token usage in URLs. Expe...
PT-2022-13879 · Gitlab · Gitlab
Name of the Vulnerable Software and Affected Versions: GitLab versions 12.6 through 14.8.5 GitLab versions 14.9 through 14.9.3 GitLab versions 14.10 through 14.10.0 Description: An issue has been discovered in GitLab where the platform was not correctly authenticating a user who had a certain...
Exploit for Missing Authentication for Critical Function in F5 Big-Ip_Access_Policy_Manager
CVE-2022-1388 POC for CVE-2022-1388 affecting multiple F5 prod...
CVE-2022-24414
Dell EMC CloudLink 7.1.3 and all earlier versions, Auth Token is exposed in GET requests. These request parameters can get logged in reverse proxies and server logs. Attackers may potentially use these tokens to access CloudLink server. Tokens should not be used in request URL to avoid such attac...
Security Bulletin: IBM i2 Analyze and i2 Analyst's Notebook Premium has session handling vulnerability (CVE-2021-20431)
Summary i2 Analyze is subject to an auth token expiration vulnerability. Vulnerability Details CVEID: CVE-2021-20431 DESCRIPTION: IBM i2 Analyst's Notebook Premium does not invalidate session after logout which could allow an an attacker to obtain sensitive information from the system. CVSS Base...
CVE-2021-34807
An open redirect vulnerability exists in the /preauth Servlet in Zimbra Collaboration Suite through 9.0. To exploit the vulnerability, an attacker would need to have obtained a valid zimbra auth token or a valid preauth token. Once the token is obtained, an attacker could redirect a user to any U...