Design/Logic Flaw

2023-10-3023:15:00

PRIOn knowledge base

www.prio-n.com

cloudexplorer lite

gateway filter

permission bypass

version 1.4.1

nvd

9.2 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

43.4%

JSON

CloudExplorer Lite is an open source, lightweight cloud management platform. Prior to version 1.4.1, the gateway filter of CloudExplorer Lite uses a controller with path starting with matching/API/, which can cause a permission bypass. Version 1.4.1 contains a patch for this issue.

CPENameOperatorVersion
cloudexplorer_litelt1.4.1

CPE	Name	Operator	Version
	cloudexplorer_lite	lt	1.4.1

References

github.com/CloudExplorer-Dev/CloudExplorer-Lite/security/advisories/GHSA-fqxr-7g94-vrfj