CloudExplorer Lite is an open source cloud management tool. In affected versions users can add themselves to any organization in CloudExplorer Lite. This is due to a missing permission check on the user profile. It is recommended to upgrade the version to v1.1.0. There are no known workarounds for this vulnerability.
References
Configurations
History
21 Nov 2024, 08:03
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.1 |
References | () https://github.com/CloudExplorer-Dev/CloudExplorer-Lite/security/advisories/GHSA-cp3j-437h-4vwj - Vendor Advisory |
03 Jun 2023, 03:07
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-862 | |
First Time |
Fit2cloud
Fit2cloud cloudexplorer |
|
References | (MISC) https://github.com/CloudExplorer-Dev/CloudExplorer-Lite/security/advisories/GHSA-cp3j-437h-4vwj - Vendor Advisory | |
CPE | cpe:2.3:a:fit2cloud:cloudexplorer:*:*:*:*:lite:*:*:* | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 4.3 |
26 May 2023, 23:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-05-26 23:15
Updated : 2024-11-21 08:03
NVD link : CVE-2023-32316
Mitre link : CVE-2023-32316
CVE.ORG link : CVE-2023-32316
JSON object : View
Products Affected
fit2cloud
- cloudexplorer
CWE
CWE-862
Missing Authorization