Filtered by vendor Rackn Subscriptions
Filtered by product Digital Rebar Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2022-46383 1 Rackn 1 Digital Rebar 2024-11-21 9.8 Critical
RackN Digital Rebar through 4.6.14, 4.7 through 4.7.22, 4.8 through 4.8.5, 4.9 through 4.9.12, and 4.10 through 4.10.8 has exposed a privileged token via a public API endpoint (Incorrect Access Control). The token can be used to escalate privileges within the Digital Rebar system and grant full administrative access.
CVE-2022-46382 1 Rackn 1 Digital Rebar 2024-11-21 8.8 High
RackN Digital Rebar through 4.6.14, 4.7 through 4.7.22, 4.8 through 4.8.5, 4.9 through 4.9.12, and 4.10 through 4.10.8 has Insecure Permissions. After signing into Digital Rebar, users are issued authentication tokens tied to their account to perform actions within Digital Rebar. During the validation process of these tokens, Digital Rebar did not check if the user account still exists. Deleted Digital Rebar users could still use their tokens to perform actions within Digital Rebar.