Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 10:43 p.m.14 views

CVE-2022-36110

Netmaker makes networks with WireGuard. Prior to version 0.15.1, Improper Authorization functions lead to non-privileged users running privileged API calls. If someone adds users to the Netmaker platform who do not have admin privileges, they can use their auth tokens to run admin-level functions...

8.8CVSS6.5AI score0.00735EPSS
Exploits0
Cvelist
Cvelist
added 2022/09/09 7:15 p.m.55 views

CVE-2022-36110 Netmaker vulnerable to Insufficient Granularity of Access Control

Netmaker makes networks with WireGuard. Prior to version 0.15.1, Improper Authorization functions lead to non-privileged users running privileged API calls. If someone adds users to the Netmaker platform who do not have admin privileges, they can use their auth tokens to run admin-level functions...

8.8CVSS8.8AI score0.00735EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2022/09/09 7:15 p.m.4 views

CVE-2022-36110 Netmaker vulnerable to Insufficient Granularity of Access Control

Netmaker makes networks with WireGuard. Prior to version 0.15.1, Improper Authorization functions lead to non-privileged users running privileged API calls. If someone adds users to the Netmaker platform who do not have admin privileges, they can use their auth tokens to run admin-level functions...

8.8CVSS8.5AI score0.00735EPSS
Exploits0References2
CVE
CVE
added 2022/09/09 7:15 p.m.451 views

CVE-2022-36110

Netmaker (WireGuard-based networking) is affected by an improper authorization issue prior to v0.15.1, where non-admin users could perform admin-level API calls using their auth tokens. Root cause: insufficient granularity of access control allowing privilege escalation via the API. Impact per so...

8.8CVSS8.5AI score0.00735EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder