4 matches found
CVE-2022-36110
Netmaker makes networks with WireGuard. Prior to version 0.15.1, Improper Authorization functions lead to non-privileged users running privileged API calls. If someone adds users to the Netmaker platform who do not have admin privileges, they can use their auth tokens to run admin-level functions...
CVE-2022-36110 Netmaker vulnerable to Insufficient Granularity of Access Control
Netmaker makes networks with WireGuard. Prior to version 0.15.1, Improper Authorization functions lead to non-privileged users running privileged API calls. If someone adds users to the Netmaker platform who do not have admin privileges, they can use their auth tokens to run admin-level functions...
CVE-2022-36110 Netmaker vulnerable to Insufficient Granularity of Access Control
Netmaker makes networks with WireGuard. Prior to version 0.15.1, Improper Authorization functions lead to non-privileged users running privileged API calls. If someone adds users to the Netmaker platform who do not have admin privileges, they can use their auth tokens to run admin-level functions...
CVE-2022-36110
Netmaker (WireGuard-based networking) is affected by an improper authorization issue prior to v0.15.1, where non-admin users could perform admin-level API calls using their auth tokens. Root cause: insufficient granularity of access control allowing privilege escalation via the API. Impact per so...