CVE-2022-45929

June 20, 2024, 5:15 p.m.

Tags

cve@mitre.org
2024-06-20
CVE-2022-45929

Product(s) Impacted

Northern.tech Mender

  • 3.3.x before 3.3.2
  • 3.5.x before 3.5.0
  • 3.6.x before 3.6.0

Description

Northern.tech Mender 3.3.x before 3.3.2, 3.5.x before 3.5.0, and 3.6.x before 3.6.0 has Incorrect Access Control and allows users to change their roles and could allow privilege escalation from a low-privileged read-only user to a high-privileged user.

Weaknesses

Date

Published: June 20, 2024, 5:15 p.m.

Last Modified: June 20, 2024, 5:15 p.m.

Status : Received

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

cve@mitre.org

References

https://mender.io/blog/cve-2022-45929-cve-2022-41324-improper-access-control-for-low-privileged-users
cve@mitre.org
https://northern.tech
cve@mitre.org