2 matches found
CVE-2023-48712
Warpgate is an open source SSH, HTTPS and MySQL bastion host for Linux. In affected versions there is a privilege escalation vulnerability through a non-admin user's account. Limited users can impersonate another user's account if only single-factor authentication is configured. If a user knows a...
CVE-2023-48712
Warpgate prior to version 0.9.0 contains a privilege escalation vulnerability where a non-admin user can impersonate an admin account during login when single‑factor auth is configured. An attacker who knows an admin username and tries a wrong password, then re-enters a valid non-admin username a...