559 matches found
GHSA-4W5X-X539-PPF5 Incorrect handling of credential expiry by /nats-io/nats-server
Problem Description NATS nats-server through 2020-10-07 has Incorrect Access Control because of how expired credentials are handled. The NATS accounts system has expiration timestamps on credentials; the library had an API which encouraged misuse and an IsRevoked method which misused its own API....
CVE-2022-24450
A flaw was found in the NATS nats-server in an experimental feature that provides dynamically provisioned sandbox accounts that do not check the clients’ authorization. This flaw allows an attacker to take advantage of its valid account and switch over to another existing account without further...
Privilege Escalation
github.com/nats-io/nats-server is vulnerable to privilege escalation. The vulnerability exists due to the weak permission in the "dynamically provisioned sandbox accounts" feature., allowing an unauthorized user to access System account...
Incorrect Authorization in NATS nats-server
This advisory is canonically Problem Description NATS nats-server through 2022-02-04 has Incorrect Access Control, with unchecked ability for clients to authorize into any account, because of a coding error in a long-extant experimental feature. A client crafting the initial protocol-level...
GHSA-G6W6-R76C-28J7 Incorrect Authorization in NATS nats-server
This advisory is canonically Problem Description NATS nats-server through 2022-02-04 has Incorrect Access Control, with unchecked ability for clients to authorize into any account, because of a coding error in a long-extant experimental feature. A client crafting the initial protocol-level...
CVE-2022-24450
NATS nats-server before 2.7.2 has Incorrect Access Control. Any authenticated user can obtain the privileges of the System account by misusing the "dynamically provisioned sandbox accounts" feature...
CVE-2022-24450
NATS nats-server before 2.7.2 has Incorrect Access Control. Any authenticated user can obtain the privileges of the System account by misusing the "dynamically provisioned sandbox accounts" feature...
Design/Logic Flaw
NATS nats-server before 2.7.2 has Incorrect Access Control. Any authenticated user can obtain the privileges of the System account by misusing the "dynamically provisioned sandbox accounts" feature...
CVE-2022-24450
CVE-2022-24450 affects NATS nats-server up to and including 2.7.1, with a root cause in an experimental feature for dynamically provisioned sandbox accounts that allowed any authenticated user to switch into any account, including the System account. The impact is high (privilege escalation and f...
CVE-2022-24450
NATS nats-server before 2.7.2 has Incorrect Access Control. Any authenticated user can obtain the privileges of the System account by misusing the "dynamically provisioned sandbox accounts" feature...
CVE-2022-24450
NATS nats-server before 2.7.2 has Incorrect Access Control. Any authenticated user can obtain the privileges of the System account by misusing the "dynamically provisioned sandbox accounts" feature...
CVE-2022-24450
NATS nats-server before 2.7.2 has Incorrect Access Control. Any authenticated user can obtain the privileges of the System account by misusing the "dynamically provisioned sandbox accounts" feature...
PT-2022-16706 · Unknown · Nats Server +1
Name of the Vulnerable Software and Affected Versions: NATS Server versions prior to 2.7.2 NATS Streaming Server versions prior to 0.24.1 Description: The issue is related to Incorrect Access Control in NATS nats-server, where any authenticated user can obtain the privileges of the System account...
Nats-Server 访问控制错误漏洞
Nats-Server is a high-performance server for Nats.io, cloud and edge native messaging systems. An access control error vulnerability exists in nats-server, which arises from the product allowing any authenticated user to gain privileges on the System account by abusing the "dynamically provisione...
github.com/nats-io/nats-server Import token permissions checking not enforced
This advisory is canonically Problem Description The NATS server provides for Subjects which are namespaced by Account; all Subjects are supposed to be private to an account, with an Export/Import system used to grant cross-account access to some Subjects. Some Exports are public, such that anyon...
GHSA-J756-F273-XHP4 github.com/nats-io/nats-server Import token permissions checking not enforced
This advisory is canonically Problem Description The NATS server provides for Subjects which are namespaced by Account; all Subjects are supposed to be private to an account, with an Export/Import system used to grant cross-account access to some Subjects. Some Exports are public, such that anyon...
Import loops in account imports, nats-server DoS
This advisory is canonically Problem Description An export/import cycle between accounts could crash the nats-server, after consuming CPU and memory. This issue was fixed publicly in in November 2020. The need to call this out as a security issue was highlighted by snyk.io and we are grateful for...
GHSA-GWJ5-3VFQ-Q992 Import loops in account imports, nats-server DoS
This advisory is canonically Problem Description An export/import cycle between accounts could crash the nats-server, after consuming CPU and memory. This issue was fixed publicly in in November 2020. The need to call this out as a security issue was highlighted by snyk.io and we are grateful for...
Nil dereference in NATS JWT causing DoS of nats-server
This advisory is canonically Problem Description The NATS account system has an Operator trusted by the servers, which signs Accounts, and each Account can then create and sign Users within their account. The Operator should be able to safely issue Accounts to other entities which it does not ful...
GHSA-HMM9-R2M2-QG9W Nil dereference in NATS JWT causing DoS of nats-server
This advisory is canonically Problem Description The NATS account system has an Operator trusted by the servers, which signs Accounts, and each Account can then create and sign Users within their account. The Operator should be able to safely issue Accounts to other entities which it does not ful...