PT-2023-26059 · Unknown · Cockpit Cms
Ghostccamm
·
Publicado
2023-07-20
·
Atualizado
2023-07-26
·
CVE-2023-37649
CVSS v3.1
7.5
Alta
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Cockpit CMS version 2.5.2
Description
The issue is related to incorrect access control in the
/models/Content component, allowing unauthorized attackers to access sensitive data.Recommendations
For Cockpit CMS version 2.5.2, update to a version that includes the fix for the incorrect access control issue in the
/models/Content component.
As a temporary workaround, consider restricting access to the /models/Content component until a patch is available.Exploit
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Cockpit Cms