CVE-2022-46383

Published: Dec 6, 2022Modified: Apr 23, 2025

9.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

RackN Digital Rebar through 4.6.14, 4.7 through 4.7.22, 4.8 through 4.8.5, 4.9 through 4.9.12, and 4.10 through 4.10.8 has exposed a privileged token via a public API endpoint (Incorrect Access Control). The token can be used to escalate privileges within the Digital Rebar system and grant full administrative access.

Affected (5)

Products: Rackn: Digital Rebar

Rackn

1 product

Digital Rebar

Configuration A

5 vulnerable

Vulnerable Software	Affected Versions
Rackn Digital Rebar	Up to 4.6.14
Rackn Digital Rebar	From 4.10 to 4.10.8
Rackn Digital Rebar	From 4.7 to 4.7.22
Rackn Digital Rebar	From 4.8 to 4.8.5
Rackn Digital Rebar	From 4.9 to 4.9.12

References (4)

https://docs.rackn.io/en/latest/doc/security/cve_2022_46383.html

Source: cve@mitre.org

Vendor Advisory

https://rackn.com/products/rebar/

Source: cve@mitre.org

ProductVendor Advisory

https://docs.rackn.io/en/latest/doc/security/cve_2022_46383.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://rackn.com/products/rebar/

Source: af854a3a-2127-422b-91ae-364da2661108

ProductVendor Advisory

Timeline

No history available yet.