Lucene search
K

4 matches found

Cvelist
Cvelist
added 2023/11/16 10:1 p.m.40 views

CVE-2023-47112 Authenticated users can view job names and groups they do not have authorization to view in Rundeck

Rundeck is an open source automation service with a web console, command line tools and a WebAPI. In affected versions access to two URLs used in both Rundeck Open Source and Process Automation products could allow authenticated users to access the URL path, which provides a list of job names and...

4.3CVSS4.9AI score0.00481EPSS
Exploits0References1
CVE
CVE
added 2023/11/16 10:1 p.m.62 views

CVE-2023-47112

CVE-2023-47112 affects Rundeck (Open Source and Process Automation). Vulnerable behavior: authenticated users can access two endpoints that reveal job names and groups for any project without proper authorization. Root cause: missing/insufficient authorization checks on specific URLs (e.g., /cont...

4.3CVSS4.5AI score0.00481EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/11/16 10:1 p.m.13 views

CVE-2023-47112 Authenticated users can view job names and groups they do not have authorization to view in Rundeck

Rundeck is an open source automation service with a web console, command line tools and a WebAPI. In affected versions access to two URLs used in both Rundeck Open Source and Process Automation products could allow authenticated users to access the URL path, which provides a list of job names and...

4.3CVSS6.7AI score0.00481EPSS
Exploits0References1
OSV
OSV
added 2023/11/16 10:1 p.m.17 views

CVE-2023-47112 Authenticated users can view job names and groups they do not have authorization to view in Rundeck

Rundeck is an open source automation service with a web console, command line tools and a WebAPI. In affected versions access to two URLs used in both Rundeck Open Source and Process Automation products could allow authenticated users to access the URL path, which provides a list of job names and...

4.3CVSS4.6AI score0.00481EPSS
Exploits0References3
Rows per page
Query Builder