CVE-2022-31671

CVSS V2 None CVSS V3 None
Description
Harbor fails to validate user permissions when reading and updating job execution logs through the P2P preheat execution logs. By sending a request that attempts to read/update P2P preheat execution logs and specifying different job IDs, malicious authenticated users could read all the job logs stored in the Harbor database.
Overview
  • CVE ID
  • CVE-2022-31671
  • Assigner
  • vmware
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2024-11-14T11:42:22.373Z
  • Last Modified Date
  • 2024-11-14T14:10:27.403Z
History
Created Old Value New Value Data Type Notes
2024-11-15 12:05:23 Added to TrackCVE