CVE-2023-1832
CVE-2023-1832 affects Candlepin and describes an improper access control flaw that lets an attacker create data scoped under another customer/tenant, risking confidentiality and availability. Connected sources consistently state the server component’s authorization check is faulty; exploitation s...