github.com/brokercap/bifrost is vulnerable to authentication bypass. The vulnerability exists in common.go
because the write permission limit for monitor group is not properly defined which allows an attacker to bypass permission using HTTP basic authentication.
CPE | Name | Operator | Version |
---|---|---|---|
github.com/brokercap/bifrost | le | v1.8.6-release | |
github.com/brokercap/bifrost | le | v1.8.6-release |