CVE-2023-50267 | MeterSphere up to 2.10.9 Resource ID privileges management (GHSA-rcp4-c5p2-58v9)

Inserito da Angelo Barbosa | Dic 28, 2023 | CVE

A vulnerability was found in MeterSphere up to 2.10.9 and classified as critical. Affected by this issue is some unknown functionality of the component Resource ID Handler. The manipulation leads to improper privilege management.

This vulnerability is handled as CVE-2023-50267. The attack may be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2023-50267 | MeterSphere up to 2.10.9 Resource ID privileges management (GHSA-rcp4-c5p2-58v9)

Post correlati

CVE-2023-50868 | DNS Protocol Closest Encloser Proof resource consumption

CVE-2024-23559 | HCL DevOps Deploy/Launch up to 7.0.5.20/7.1.2.16/7.2.3.9/7.3.2.4/8.0.0.1 HTTP Header Privilege Escalation (KB0111924)

CVE-2023-48866 | Grocy up to 4.0.3 Recipe Preparation /api/objects/recipes cross site scripting

CVE-2021-42145 | Contiki-NG TinyDTLS up to 2018-08-30 check_certificate_request denial of service