EPSS
Percentile
57.3%
shinken is vulnerable to improper access control. The vulnerability is due the find_class function in safepickle.py unserializing objects passed from nodes to the server which allows an attacker to bypass authentication.
find_class
safepickle.py
github.com/advisories/GHSA-p373-jqfm-j6wr
github.com/dbyio/cve-2022-37298
github.com/naparuba/shinken/commit/2dae40fd1e713aec9e1966a0ab7a580b9180cff2