Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 5:43 p.m.8 views

CVE-2020-5231

In Opencast before 7.6 and 8.1, users with the role ROLECOURSEADMIN can use the user-utils endpoint to create new users not including the role ROLEADMIN. ROLECOURSEADMIN is a non-standard role in Opencast which is referenced neither in the documentation nor in any code except for tests but only i...

6.5CVSS6.8AI score0.00625EPSS
Exploits1
NVD
NVD
added 2020/01/30 10:15 p.m.18 views

CVE-2020-5231

In Opencast before 7.6 and 8.1, users with the role ROLECOURSEADMIN can use the user-utils endpoint to create new users not including the role ROLEADMIN. ROLECOURSEADMIN is a non-standard role in Opencast which is referenced neither in the documentation nor in any code except for tests but only i...

6.5CVSS5.3AI score0.00625EPSS
Exploits1References2
Cvelist
Cvelist
added 2020/01/30 9:15 p.m.33 views

CVE-2020-5231 Opencast users with ROLE_COURSE_ADMIN can create new users

In Opencast before 7.6 and 8.1, users with the role ROLECOURSEADMIN can use the user-utils endpoint to create new users not including the role ROLEADMIN. ROLECOURSEADMIN is a non-standard role in Opencast which is referenced neither in the documentation nor in any code except for tests but only i...

4.8CVSS6.6AI score0.00625EPSS
Exploits1References2
CVE
CVE
added 2020/01/30 9:15 p.m.103 views

CVE-2020-5231

Opencast is affected in versions before 7.6 and before 8.1 where users with the non‑standard ROLE_COURSE_ADMIN can use the user-utils endpoint to create new users (not granting ROLE_ADMIN). Root cause: a misconfiguration in security allowing creation by a course admin. Impact: authorization bypas...

6.5CVSS5.5AI score0.00625EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder