Lucene search
Veracode Vulnerability DatabaseVERACODE:22436HistoryFeb 03, 2020 - 6:50 a.m.
Privilege Escalation
2020-02-0306:50:19
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8
0.001 Low
EPSS
Percentile
41.5%
github.com/goharbor/harbor is vulnerable to privilege escalation. The API call to update user profile is not validated, allowing an attacker to modify the email address of another user and subsequently perform a successful password reset to gain access to that user’s account.
| CPE | Name | Operator | Version |
|---|---|---|---|
| github.com/goharbor/harbor | le | 1.9.1 | |
| github.com/goharbor/harbor | le | 1.8.5 |
Related
prion
prion
Privilege escalation
2020-03-20 03:15:00
osv
osv
CVE-2019-19023
2020-03-20 03:15:13
Privilege Escalation in Cloud Native Computing Foundation Harbor
2021-05-18 18:27:28
cvelist
cvelist
CVE-2019-19023
2020-03-20 02:22:41
cve
cve
CVE-2019-19023
2020-03-20 03:15:13
nvd
nvd
CVE-2019-19023
2020-03-20 03:15:13
github
github
Privilege Escalation in Cloud Native Computing Foundation Harbor
2021-05-18 18:27:28
nessus
nessus
VMware Harbor 1.7.x, 1.8.x < 1.8.6 / 1.9.x < 1.9.3
2020-01-14 00:00:00