Lucene search
Veracode Vulnerability DatabaseVERACODE:27575HistoryOct 14, 2020 - 4:51 a.m.
Privilege Escalation
2020-10-1404:51:20
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8
sopel_plugins_channelmgnt vulnerability privilege escalation bypass acl op/voice software
EPSS
0.001
Percentile
41.7%
sopel_plugins_channelmgnt is vulnerable to privilege escalation. Lack of checking access on restricted changes allows an attacker to bypass ACL and to op/voice, taking over a channel.
References
github.com/MirahezeBots/MirahezeBots/security/advisories/GHSA-23pc-4339-95vg
github.com/MirahezeBots/sopel-channelmgnt/commit/be0c90e7a7cfdea8854f4c5807ef5d09a4036c17
github.com/MirahezeBots/sopel-channelmgnt/pull/3
github.com/MirahezeBots/sopel-channelmgnt/security/advisories/GHSA-j257-jfvv-h3x5
phab.bots.miraheze.wiki/phame/live/1/post/1/summary/
phab.bots.miraheze.wiki/T117
pypi.org/project/sopel-plugins.channelmgnt/
Related
github
github
Privilege Escalation in Channelmgnt plug-in for Sopel
2020-10-13 17:30:30
cvelist
cvelist
CVE-2020-15251 Privilege Escalation in Channelmgnt plug-in for Sopel
2020-10-13 17:15:17
nvd
nvd
CVE-2020-15251
2020-10-13 18:15:12
ubuntucve
ubuntucve
CVE-2020-15251
2020-10-13 00:00:00
osv
osv
Privilege Escalation in Channelmgnt plug-in for Sopel
2020-10-13 17:30:30
PYSEC-2020-110
2020-10-13 18:15:00
cve
cve
CVE-2020-15251
2020-10-13 18:15:12
prion
prion
Security feature bypass
2020-10-13 18:15:00
attackerkb
attackerkb
CVE-2020-15251
2020-10-13 00:00:00