3 matches found
CVE-2023-48222 Authenticated users can view or delete jobs they do not have authorization for in Rundeck
Rundeck is an open source automation service with a web console, command line tools and a WebAPI. In affected versions access to two URLs used in both Rundeck Open Source and Process Automation products could allow authenticated users to access the URL path, which would allow access to view or...
CVE-2023-48222
Summary (CVE-2023-48222) : Rundeck Open Source and Process Automation products are affected prior to version 4.17.3 . The issue allows authenticated users to access two URLs and view or delete jobs without proper authorization checks, via endpoints such as http(s)://[host]/context/rdJob/ and http...
CVE-2023-48222 Authenticated users can view or delete jobs they do not have authorization for in Rundeck
Rundeck is an open source automation service with a web console, command line tools and a WebAPI. In affected versions access to two URLs used in both Rundeck Open Source and Process Automation products could allow authenticated users to access the URL path, which would allow access to view or...