Portainer before 1.18.0 supports unauthenticated requests to the websocket endpoint with an unvalidated id query parameter for the /websocket/exec endpoint, which allows remote attackers to bypass intended access restrictions or conduct SSRF attacks.
References
Link | Resource |
---|---|
https://github.com/portainer/portainer/pull/1979 | Issue Tracking Patch Third Party Advisory |
https://github.com/portainer/portainer/releases/tag/1.18.0 | Issue Tracking Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-10-03T16:22:07
Updated: 2022-10-03T16:22:07
Reserved: 2022-10-03T00:00:00
Link: CVE-2018-12678
JSON object: View
NVD Information
Status : Analyzed
Published: 2018-06-22T18:29:00.263
Modified: 2018-08-13T18:58:59.030
Link: CVE-2018-12678
JSON object: View
Redhat Information
No data.
CWE