Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:37286
HistorySep 27, 2022 - 3:52 a.m.

Privilage Escalation

2022-09-2703:52:46
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
11
octoprint
privilege escalation
vulnerability

EPSS

0.001

Percentile

41.1%

JSON

octoprint is vulnerable to privilege escalation. The vulnerability exists in get_additional_permissions function of __init__.py because the plugin manager role based list permission is not properly restricted which allows a low privileged user with read-only access to modify the admin environment.

Related

cve 1
nvd 1
osv 3
prion 1
huntr 1
cvelist 1
github 1
cve
cve
CVE-2022-3068
2022-09-21 12:15:10
nvd
nvd
CVE-2022-3068
2022-09-21 12:15:10
osv
osv
CVE-2022-3068
2022-09-21 12:15:10
OctoPrint Improper Privilege Management vulnerability
2022-09-22 00:00:31
PYSEC-2022-283
2022-09-21 12:15:00
prion
prion
Input validation
2022-09-21 12:15:00
huntr
huntr
Privilage escalation allows user with read access only to edit admin portal and take actions
2022-08-23 12:02:44
cvelist
cvelist
CVE-2022-3068 Improper Privilege Management in octoprint/octoprint
2022-09-21 11:55:09
github
github
OctoPrint Improper Privilege Management vulnerability
2022-09-22 00:00:31

EPSS

0.001

Percentile

41.1%

JSON
Related for VERACODE:37286
cve1nvd1osv3prion1huntr1cvelist1github1