Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:40962
HistoryJun 20, 2023 - 11:44 a.m.

Privilege Escalation

2023-06-2011:44:48
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
2
pydio cells
vulnerability
privilege escalation
external users
elevated privileges

0.007 Low

EPSS

Percentile

80.2%

JSON

github.com/pydio/cells is vulnerable to Privilege Escalation. The creation of external users for file sharing is possible with Pydio Cells. It is possible to give a new user arbitrary roles with access to all cells and non-personal workspaces by altering the HTTP request that is submitted when creating an external user, allowing attackers to acquire elevated privileges.

Related

packetstorm 1
cvelist 1
prion 1
cve 1
osv 1
githubexploit 1
zdt 1
exploitdb 1
packetstorm
packetstorm
Pydio Cells 4.1.2 Privilege Escalation
2023-05-30 00:00:00
cvelist
cvelist
CVE-2023-32749
2023-06-08 00:00:00
prion
prion
Default credentials
2023-06-08 20:15:00
cve
cve
CVE-2023-32749
2023-06-08 20:15:09
osv
osv
CVE-2023-32749
2023-06-08 20:15:09
githubexploit
githubexploit
Exploit for Incorrect Authorization in Pydio Cells
2024-05-01 21:37:00
zdt
zdt
Pydio Cells 4.1.2 - Unauthorised Role Assignments Vulnerability
2023-05-31 00:00:00
exploitdb
exploitdb
Pydio Cells 4.1.2 - Unauthorised Role Assignments
2023-05-31 00:00:00

0.007 Low

EPSS

Percentile

80.2%

JSON
Related for VERACODE:40962
packetstorm1cvelist1prion1cve1osv1githubexploit1zdt1exploitdb1