CVE-2024-47876 Sakai: Kernel users created with type roleview can login as a normal user

Sakai is a Collaboration and Learning Environment. Starting in version 23.0 and prior to version 23.2, kernel users created with type roleview can log in as a normal user. This can result in illegal access being granted to the system. Version 23.3 fixes this vulnerability...

CVE-2024-47876

Sakai Kernel vulnerability CVE-2024-47876: Kernel users created with the type roleview could log in as normal users, enabling unauthorized access. Affected in Sakai versions up to 23.2; fixed in 23.3. Root cause: improper access control allowing roleview kernel users to authenticate as non-privil...

SAK-50571 Sakai Kernel users created with type roleview can login as a normal user

Impact Illegal access can be granted to the system. References see https://sakaiproject.atlassian.net/browse/SAK-50571...

Sakai 安全漏洞

Sakai is a freely available, feature-rich technology solution for learning, teaching, research and collaboration from Apereo Sakai Open Source. A security vulnerability exists in Sakai versions prior to 23.0 through 23.2, which stems from the fact that a kernel user created using the roleview typ...