Lucene search
HistoryJan 13, 2023 - 12:15 a.m.
CVE-2022-46463
cve-2022-46463
harbor
access control
authentication
image repositories
nvd
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
0.076 Low
EPSS
Percentile
94.2%
An access control issue in Harbor v1.X.X to v2.5.3 allows attackers to access public and private image repositories without authentication. NOTE: the vendor’s position is that this “is clearly described in the documentation as a feature.”
Affected configurations
Node
linuxfoundationharborRange1.1.0–2.5.3
| CPE | Name | Operator | Version |
|---|---|---|---|
| linuxfoundation:harbor | linuxfoundation harbor | le | 2.5.3 |
Related
prion
prion
Design/Logic Flaw
2023-01-13 00:15:00
cnvd
cnvd
VMware Harbor Unauthorized Access Vulnerability
2023-01-17 00:00:00
cvelist
cvelist
CVE-2022-46463
2023-01-12 00:00:00
nvd
nvd
CVE-2022-46463
2023-01-13 00:15:09
osv
osv
BIT-harbor-2022-46463
2024-03-06 10:53:25
githubexploit
githubexploit
nuclei
nuclei
Harbor <=2.5.3 - Unauthorized Access
2023-08-16 08:46:20
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
0.076 Low
EPSS
Percentile
94.2%
Related for CVE-2022-46463