Vulnerability Name: | CVE-2022-0860 (CCN-221606) | ||||||||||||
Assigned: | 2022-03-02 | ||||||||||||
Published: | 2022-03-02 | ||||||||||||
Updated: | 2022-05-23 | ||||||||||||
Summary: | Improper Authorization in GitHub repository cobbler/cobbler prior to 3.3.2. | ||||||||||||
CVSS v3 Severity: | 9.1 Critical (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N) 7.9 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C)
7.1 High (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C)
| ||||||||||||
CVSS v2 Severity: | 6.4 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N)
| ||||||||||||
Vulnerability Type: | CWE-285 | ||||||||||||
Vulnerability Consequences: | Bypass Security | ||||||||||||
References: | Source: MITRE Type: CNA CVE-2022-0860 Source: XF Type: UNKNOWN cobbler-cve20220860-sec-bypass(221606) Source: CCN Type: Cobbler GIT Repository Merge pull request from GHSA-mcg6-h362-cmq5 Source: MISC Type: Patch, Third Party Advisory https://github.com/cobbler/cobbler/commit/9044aa990a94752fa5bd5a24051adde099280bfa Source: CONFIRM Type: Exploit, Issue Tracking, Patch, Third Party Advisory https://huntr.dev/bounties/c458b868-63df-414e-af10-47e3745caa1d Source: CCN Type: huntr Web site Improper Authorization in cobbler/cobbler Source: FEDORA Type: Third Party Advisory FEDORA-2022-445ec90e7c Source: FEDORA Type: Mailing List, Third Party Advisory FEDORA-2022-224e71968f Source: FEDORA Type: Third Party Advisory FEDORA-2022-ad2b0ad61b | ||||||||||||
Vulnerable Configuration: | Configuration 1: Configuration 2: Denotes that component is vulnerable | ||||||||||||
BACK |