Unknown · Stackstorm · CVE-2022-44009
**Name of the Vulnerable Software and Affected Versions**
StackStorm version 3.7.0
**Description**
The issue is related to improper access control in Key-Value RBAC, where permissions in Jinja filters are not checked, allowing attackers to access Key-Value pairs of other users. This could potentially lead to the exposure of sensitive information.
**Recommendations**
For StackStorm version 3.7.0, consider restricting access to Key-Value pairs until a patch is available, and review the permissions in Jinja filters to ensure proper access control.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.