3 matches found
CVE-2023-44397 CloudExplorer Lite permission bypass vulnerability
CloudExplorer Lite is an open source, lightweight cloud management platform. Prior to version 1.4.1, the gateway filter of CloudExplorer Lite uses a controller with path starting with matching/API/, which can cause a permission bypass. Version 1.4.1 contains a patch for this issue...
CVE-2023-44397 CloudExplorer Lite permission bypass vulnerability
CloudExplorer Lite is an open source, lightweight cloud management platform. Prior to version 1.4.1, the gateway filter of CloudExplorer Lite uses a controller with path starting with matching/API/, which can cause a permission bypass. Version 1.4.1 contains a patch for this issue...
CVE-2023-44397
CloudExplorer Lite (prior to v1.4.1) contains a permission bypass in its gateway filter. The issue is caused by a controller handling paths that start with matching/API/, enabling bypass of access controls. The CVE-2023-44397 entry notes a fix in v1.4.1. CVSS data indicates a high impact (possibl...