Lucene search
Veracode Vulnerability DatabaseVERACODE:34224HistoryFeb 15, 2022 - 6:09 a.m.
Privilege Escalation
2022-02-1506:09:03
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
13
vulnerability
privilege escalation
user privileges
supplierscontroller.php
unauthorized access
EPSS
0.001
Percentile
30.4%
snipe/snipe-it is vulnerable to privilege escalation. The vulnerability exists because it does not properly handle the user privileges in the show function in the ‘SuppliersController.php’ file allowing a user to gain privileges and unauthorized access to confidential resources in the supplier module.
Related
cnvd
cnvd
An unspecified vulnerability exists in snipe-it (CNVD-2022-18045)
2022-02-16 00:00:00
osv
osv
CVE-2022-0579
2022-02-14 19:15:07
Improper Privilege Management in Snipe-IT
2022-02-15 00:02:45
nvd
nvd
CVE-2022-0579
2022-02-14 19:15:07
huntr
huntr
Improper Privilege Management in snipe/snipe-it
2022-02-11 11:33:56
cvelist
cvelist
CVE-2022-0579 Missing Authorization in snipe/snipe-it
2022-02-14 19:00:10
prion
prion
Authorization
2022-02-14 19:15:00
github
github
Improper Privilege Management in Snipe-IT
2022-02-15 00:02:45
cve
cve
CVE-2022-0579
2022-02-14 19:15:07