84 matches found
CVE-2023-32316 Users can add themselves to any organization in CloudExplorer Lite
CloudExplorer Lite is an open source cloud management tool. In affected versions users can add themselves to any organization in CloudExplorer Lite. This is due to a missing permission check on the user profile. It is recommended to upgrade the version to v1.1.0. There are no known workarounds fo...
CVE-2023-32311
The CVE-2023-32311 issue affects CloudExplorer Lite prior to v1.1.0, where there is an insufficient check of organization/workspace permissions, allowing a user to add themselves to any organization. Multiple connected sources confirm this vulnerability, its fixed status in version 1.1.0, and the...
CVE-2023-32311 The CloudExplorer Lite missing permissions check
CloudExplorer Lite is an open source cloud management platform. In CloudExplorer Lite prior to version 1.1.0 users organization/workspace permissions are not properly checked. This allows users to add themselves to any organization. This vulnerability has been fixed in v1.1.0. Users are advised t...
CVE-2023-32311 The CloudExplorer Lite missing permissions check
CloudExplorer Lite is an open source cloud management platform. In CloudExplorer Lite prior to version 1.1.0 users organization/workspace permissions are not properly checked. This allows users to add themselves to any organization. This vulnerability has been fixed in v1.1.0. Users are advised t...
CVE-2023-32311 The CloudExplorer Lite missing permissions check
CloudExplorer Lite is an open source cloud management platform. In CloudExplorer Lite prior to version 1.1.0 users organization/workspace permissions are not properly checked. This allows users to add themselves to any organization. This vulnerability has been fixed in v1.1.0. Users are advised t...
PT-2023-23721 · Unknown · Cloudexplorer Lite
Name of the Vulnerable Software and Affected Versions: CloudExplorer Lite versions prior to 1.1.0 Description: The issue concerns a cloud management platform where organization/workspace permissions are not properly checked, allowing users to add themselves to any organization. This has been fixe...
CloudExplorer Lite 安全漏洞
CloudExplorer Lite is CloudExplorer's platform that provides out-of-the-box basic functionality for cloud hosting management, cloud billing, operational analytics, and security compliance, as well as powerful extensibility to meet the customization needs of enterprises. A security vulnerability...
CloudExplorer Lite 安全漏洞
CloudExplorer Lite is CloudExplorer's platform that provides out-of-the-box cloud hosting management, cloud billing, operational analytics, and security compliance, among other essential features, along with powerful extensibility to meet the customization needs of organizations. A security...
PT-2023-23724 · Unknown · Cloudexplorer Lite
Name of the Vulnerable Software and Affected Versions: CloudExplorer Lite versions prior to 1.1.0 Description: The issue is related to a missing permission check on the user profile in CloudExplorer Lite, an open source cloud management tool. This allows users to add themselves to any organizatio...
CVE-2023-2845
Improper Access Control in GitHub repository cloudexplorer-dev/cloudexplorer-lite prior to v1.1.0...
CVE-2023-2845
Improper Access Control in GitHub repository cloudexplorer-dev/cloudexplorer-lite prior to v1.1.0...
CVE-2023-2844
Authorization Bypass Through User-Controlled Key in GitHub repository cloudexplorer-dev/cloudexplorer-lite prior to v1.1.0...
PT-2023-21722 · Unknown · Cloudexplorer Lite
Name of the Vulnerable Software and Affected Versions: cloudexplorer-lite versions prior to 1.1.0 Description: The issue concerns a missing authorization in the cloudexplorer-lite GitHub repository. This allows for an authorization bypass through a user-controlled key. Recommendations: For versio...
CVE-2023-2845 Improper Access Control in cloudexplorer-dev/cloudexplorer-lite
Improper Access Control in GitHub repository cloudexplorer-dev/cloudexplorer-lite prior to v1.1.0...
CVE-2023-2844 Authorization Bypass Through User-Controlled Key in cloudexplorer-dev/cloudexplorer-lite
Authorization Bypass Through User-Controlled Key in GitHub repository cloudexplorer-dev/cloudexplorer-lite prior to v1.1.0...
CVE-2023-2844 Authorization Bypass Through User-Controlled Key in cloudexplorer-dev/cloudexplorer-lite
Authorization Bypass Through User-Controlled Key in GitHub repository cloudexplorer-dev/cloudexplorer-lite prior to v1.1.0...
CVE-2023-2845 Improper Access Control in cloudexplorer-dev/cloudexplorer-lite
Improper Access Control in GitHub repository cloudexplorer-dev/cloudexplorer-lite prior to v1.1.0...
PT-2023-21730 · Unknown · Cloudexplorer Lite
Name of the Vulnerable Software and Affected Versions: cloudexplorer-lite versions prior to v1.1.0 Description: The issue is related to improper access control in the cloudexplorer-lite GitHub repository. Recommendations: For versions prior to v1.1.0, update to version v1.1.0 or later to resolve...
CVE-2023-2844
CVE-2023-2844 affects cloudexplorer-lite prior to v1.1.0. The issue is an authorization bypass via a user-controlled key caused by missing authorization checks in the GitHub repository cloudexplorer-dev/cloudexplorer-lite. A PoC in Huntr shows an IDOR-style bypass where a user can impersonate ano...
CVE-2023-2845
CVE-2023-2845 targets the GitHub repository cloudexplorer-dev/cloudexplorer-lite and affects versions prior to v1.1.0. The root cause is improper access control, which can allow unauthorized actions within the application (as noted by multiple sources). All sources consistently cite an access-con...