Lucene search
+L

6 matches found

redhatcve
redhatcve
added 2025/05/23 12:13 a.m.9 views

CVE-2022-44009

Improper access control in Key-Value RBAC in StackStorm version 3.7.0 didn't check the permissions in Jinja filters, allowing attackers to access K/V pairs of other users, potentially leading to the exposure of sensitive Information...

7.5CVSS6.8AI score0.00604EPSS
Exploits0References1
nvd
nvd
added 2022/12/06 12:15 a.m.23 views

CVE-2022-44009

Improper access control in Key-Value RBAC in StackStorm version 3.7.0 didn't check the permissions in Jinja filters, allowing attackers to access K/V pairs of other users, potentially leading to the exposure of sensitive Information...

7.5CVSS0.00604EPSS
Exploits0References1
osv
osv
added 2022/12/05 12:0 a.m.15 views

CVE-2022-44009

Improper access control in Key-Value RBAC in StackStorm version 3.7.0 didn't check the permissions in Jinja filters, allowing attackers to access K/V pairs of other users, potentially leading to the exposure of sensitive Information...

7.5CVSS6.7AI score0.00604EPSS
Exploits0References3
vulnrichment
vulnrichment
added 2022/12/05 12:0 a.m.8 views

CVE-2022-44009

Improper access control in Key-Value RBAC in StackStorm version 3.7.0 didn't check the permissions in Jinja filters, allowing attackers to access K/V pairs of other users, potentially leading to the exposure of sensitive Information...

6.8AI score0.00604EPSS
Exploits0References1
cve
cve
added 2022/12/05 12:0 a.m.53 views

CVE-2022-44009

StackStorm 3.7.0 is affected by an improper access control flaw in Key-Value RBAC, where permissions checks are not applied in Jinja filters. This could allow an attacker to access another user’s K/V pairs and potentially expose sensitive information. The provided documents consistently describe ...

7.5CVSS7.5AI score0.00604EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2022/12/05 12:0 a.m.26 views

CVE-2022-44009

Improper access control in Key-Value RBAC in StackStorm version 3.7.0 didn't check the permissions in Jinja filters, allowing attackers to access K/V pairs of other users, potentially leading to the exposure of sensitive Information...

7.7AI score0.00604EPSS
Exploits0References1
Rows per page
Query Builder