CVE-2023-32316
Users can add themselves to any organization in CloudExplorer Lite
Vexday Risk Score
21Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 7.1EPSS 0.4%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
26 mai 2023Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
CloudExplorer Lite is an open source cloud management tool. In affected versions users can add themselves to any organization in CloudExplorer Lite. This is due to a missing permission check on the user profile. It is recommended to upgrade the version to v1.1.0. There are no known workarounds for this vulnerability.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
Produtos afetados
CloudExplorer-Dev · CloudExplorer-LiteQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →