Lucene search
Veracode Vulnerability DatabaseVERACODE:42993HistoryAug 29, 2023 - 12:38 p.m.
Privilege Escalation
2023-08-2912:38:11
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
5
github
netmaker
vulnerability
permission validation
non-admin users
authorized actions
roles
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
38.7%
github.com/gravitl/netmaker is vulnerable to Privilege Escalation. The vulnerability exists due to improper permission validation for non-admin users, which allows an attacker to perform authorized actions on users, such as changing roles.
Related
cvelist
cvelist
CVE-2023-32079 Netmaker Privilige Escalation Vulnerability
2023-08-24 22:03:43
osv
osv
Netmaker Vulnerable to Privilege Escalation From Non Admin To Admin User
2023-08-25 18:42:53
CVE-2023-32079
2023-08-24 23:15:08
prion
prion
Design/Logic Flaw
2023-08-24 23:15:00
github
github
Netmaker Vulnerable to Privilege Escalation From Non Admin To Admin User
2023-08-25 18:42:53
cve
cve
CVE-2023-32079
2023-08-24 23:15:08
nvd
nvd
CVE-2023-32079
2023-08-24 23:15:08
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
38.7%
Related for VERACODE:42993