Lucene search
Veracode Vulnerability DatabaseVERACODE:5935HistoryMar 19, 2018 - 5:59 a.m.
Privilege Escalation
2018-03-1905:59:13
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
3
EPSS
0.003
Percentile
65.4%
github.com/tridentli/pitchfork is vulnerable to privilege escalation. The vulnerability exists due to an issue where permissions are mapped, allowing any authenticated user to set the System Administrator permissions on their account.
References
github.com/tridentli/pitchfork/commit/33549f15707801099e1253dd5e79369bd48eb59b
github.com/tridentli/pitchfork/commit/9fd07cbe4f93e1367e142016e9a205366680dd54
github.com/tridentli/pitchfork/issues/168
github.com/tridentli/trident/releases/tag/DEV_1.4.6-RC2
thomas-ward.net/security-advisories/trident-trusted-communications-platform-privilege-escalation-issue-advisory/
Related
cvelist
cvelist
CVE-2018-1000133
2018-03-16 14:04:00
osv
osv
CVE-2018-1000133
2018-03-16 14:29:44
nvd
nvd
CVE-2018-1000133
2018-03-16 14:29:44
cve
cve
CVE-2018-1000133
2018-03-16 14:29:44
prion
prion
Design/Logic Flaw
2018-03-16 14:29:00