CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

4 matches found

NVD•added 2018/12/21 7:29 p.m.•13 views

CVE-2018-20345

Incorrect access control in StackStorm API st2api in StackStorm before 2.9.2 and 2.10.x before 2.10.1 allows an attacker who has a StackStorm account and is authenticated against the StackStorm API to retrieve datastore items for other users by utilizing the /v1/keys "?scope=all" and "?user=" que...

5.3CVSS5.2AI score0.00356EPSS

Exploits0References1

OSV•added 2018/12/21 7:29 p.m.•12 views

CVE-2018-20345

Incorrect access control in StackStorm API st2api in StackStorm before 2.9.2 and 2.10.x before 2.10.1 allows an attacker who has a StackStorm account and is authenticated against the StackStorm API to retrieve datastore items for other users by utilizing the /v1/keys "?scope=all" and "?user=" que...

5.3CVSS6.7AI score

Exploits0References1

Prion•added 2018/12/21 7:29 p.m.•11 views

Improper access control

Incorrect access control in StackStorm API st2api in StackStorm before 2.9.2 and 2.10.x before 2.10.1 allows an attacker who has a StackStorm account and is authenticated against the StackStorm API to retrieve datastore items for other users by utilizing the /v1/keys "?scope=all" and "?user=" que...

3.5CVSS5.2AI score0.00356EPSS

Exploits0References1Affected Software1

Cvelist•added 2018/12/21 7:0 p.m.•9 views

CVE-2018-20345

Incorrect access control in StackStorm API st2api in StackStorm before 2.9.2 and 2.10.x before 2.10.1 allows an attacker who has a StackStorm account and is authenticated against the StackStorm API to retrieve datastore items for other users by utilizing the /v1/keys "?scope=all" and "?user=" que...

5.2AI score0.00356EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by