← Back

CVE-2024-22278

nvd nist
Published: Aug 2, 2024Modified: Aug 14, 2024

JSON object

Loading...
4.3
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Exploitability: 2.8 / Impact: 1.4
Source: NVD

Description

Incorrect user permission validation in Harbor <v2.9.5 and Harbor <v2.10.3 allows authenticated users to modify configurations.

Affected (2)

Linuxfoundation
1 product
Harbor
Configuration A
2 vulnerable
Vulnerable SoftwareAffected Versions
Linuxfoundation
Harbor
Before 2.9.5
Harbor
From 2.10.0 to 2.10.3

Related CWEs

CWE-269
Improper Privilege Management
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

References (1)

Source: security@vmware.com
Third Party Advisory

Timeline

No history available yet.