Cerebrate 1.12 does not properly consider organisation_id during creation of API keys.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors Products
Cerebrate-project
  • Cerebrate

Configuration 1 [-]

cpe:2.3:a:cerebrate-project:cerebrate:1.12:*:*:*:*:*:*:*
References
Link Resource
https://github.com/cerebrate-project/cerebrate/commit/7ccf9252470a23acc38ad6ed13eecf523e368b48 Patch
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2023-02-23T00:00:00

Updated: 2023-02-23T00:00:00

Reserved: 2023-02-23T00:00:00

Link: CVE-2023-26468

JSON object: View

cve-icon NVD Information

Status : Analyzed

Published: 2023-02-24T00:15:12.217

Modified: 2023-03-03T16:32:03.623

Link: CVE-2023-26468

JSON object: View

cve-icon Redhat Information

No data.

CWE