← Volver a CVEs
CVE-2022-46383
CRITICAL9.8
Descripcion
RackN Digital Rebar through 4.6.14, 4.7 through 4.7.22, 4.8 through 4.8.5, 4.9 through 4.9.12, and 4.10 through 4.10.8 has exposed a privileged token via a public API endpoint (Incorrect Access Control). The token can be used to escalate privileges within the Digital Rebar system and grant full administrative access.
Detalles CVE
Puntuacion CVSS v3.19.8
SeveridadCRITICAL
Vector CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vector de ataqueNETWORK
ComplejidadLOW
Privilegios requeridosNONE
Interaccion usuarioNONE
Publicado12/6/2022
Ultima modificacion4/23/2025
Fuentenvd
Avistamientos honeypot0
Productos afectados
rackn:digital_rebar
Referencias
https://rackn.com/products/rebar/(cve@mitre.org)
https://docs.rackn.io/en/latest/doc/security/cve_2022_46383.html(af854a3a-2127-422b-91ae-364da2661108)
https://rackn.com/products/rebar/(af854a3a-2127-422b-91ae-364da2661108)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.