CVE-2015-3163

Name of the Vulnerable Software and Affected Versions Beaker versions prior to 20.1

Description The issue concerns the lack of access controls on the admin pages for power types and key types in Beaker. This allows remote authenticated users to modify these types by navigating to the respective pages, such as $BEAKER/powertypes and $BEAKER/keytypes.

Recommendations For versions prior to 20.1, update to version 20.1 or later to resolve the issue.