Improper Access Control in GitHub repository francoisjacquet/rosariosis prior to 10.9.3.

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Attack Vector Physical

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v2

Vendors Products
Rosariosis
  • Rosariosis

Configuration 1 [-]

cpe:2.3:a:rosariosis:rosariosis:*:*:*:*:*:*:*:*
References
Link Resource
https://github.com/francoisjacquet/rosariosis/commit/6433946abfb34324616e833b1c00d0b2450753be Patch
https://huntr.dev/bounties/efe6ef47-d17c-4773-933a-4836c32db85c Permissions Required Third Party Advisory
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: @huntrdev

Published: 2023-04-21T00:00:00

Updated: 2023-04-21T00:00:00

Reserved: 2023-04-21T00:00:00

Link: CVE-2023-2202

JSON object: View

cve-icon NVD Information

Status : Analyzed

Published: 2023-04-21T02:15:07.170

Modified: 2023-05-02T01:07:35.680

Link: CVE-2023-2202

JSON object: View

cve-icon Redhat Information

No data.

CWE