Lucene search
K
Fit2cloudCloudexplorer Lite*

7 matches found

CVE
CVE
added 2023/05/23 12:0 a.m.81 views

CVE-2023-2844

CVE-2023-2844 affects cloudexplorer-lite prior to v1.1.0. The issue is an authorization bypass via a user-controlled key caused by missing authorization checks in the GitHub repository cloudexplorer-dev/cloudexplorer-lite. A PoC in Huntr shows an IDOR-style bypass where a user can impersonate ano...

7.2CVSS5.4AI score0.00676EPSS
CVE
CVE
added 2023/08/24 10:42 p.m.63 views

CVE-2023-39519

CVE-2023-39519 affects CloudExplorer Lite (open source cloud management platform). Prior to version 1.4.0, there is a vulnerability in how user information is retrieved that can lead to leakage of sensitive data. The issue has been fixed in version 1.4.0. Detailed entries across multiple sources ...

7.5CVSS6AI score0.0063EPSS
CVE
CVE
added 2023/05/23 12:0 a.m.59 views

CVE-2023-2845

CVE-2023-2845 targets the GitHub repository cloudexplorer-dev/cloudexplorer-lite and affects versions prior to v1.1.0. The root cause is improper access control, which can allow unauthorized actions within the application (as noted by multiple sources). All sources consistently cite an access-con...

8.8CVSS8.2AI score0.00657EPSS
CVE
CVE
added 2023/10/30 10:28 p.m.58 views

CVE-2023-44397

CloudExplorer Lite (prior to v1.4.1) contains a permission bypass in its gateway filter. The issue is caused by a controller handling paths that start with matching/API/, enabling bypass of access controls. The CVE-2023-44397 entry notes a fix in v1.4.1. CVSS data indicates a high impact (possibl...

9.8CVSS8.6AI score0.00615EPSS
CVE
CVE
added 2023/08/04 5:22 p.m.46 views

CVE-2023-38692

CloudExplorer Lite (open source cloud management platform) contains a command injection vulnerability in the installation function of the module management component, tracked as CVE-2023-38692. The root cause is a command execution vulnerability in that function, affecting versions prior to 1.3.1...

9.8CVSS9.8AI score0.0281EPSS
CVE
CVE
added 2023/06/27 4:34 p.m.40 views

CVE-2023-34240

CVE-2023-34240 affects CloudExplorer-Lite prior to v1.2.0, where the authentication system did not enforce strong passwords, enabling weak-password guessing/brute-force attempts and potential authentication failures. Multiple sources confirm the issue and fix in v1.2.0, with upgrade advised. The ...

9.8CVSS8.2AI score0.00463EPSS
CVE
CVE
added 2023/06/27 3:29 a.m.39 views

CVE-2023-3423

CVE-2023-3423 affects CloudExplorer Lite prior to version 1.2.0. The root cause described across sources is weak/absent password validation on the backend, which can allow weak passwords or guessing attempts to compromise accounts. Public references (NVD, Red Hat, OSV, etc.) consistently cite wea...

8.8CVSS7.1AI score0.0078EPSS