If an attacked was given access to an instance with the admin or manager role there is no backend authentication that would prevent the attacked from creating a new user with an `admin` role and then be able to use this new account to have elevated privileges on the instance
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: @huntr_ai
Published: 2024-03-02T21:16:46.411Z
Updated: 2024-08-15T18:40:49.652Z
Reserved: 2024-01-22T22:19:16.570Z
Link: CVE-2024-0795
Vulnrichment
Updated: 2024-08-01T18:18:18.466Z
NVD
Status : Awaiting Analysis
Published: 2024-03-02T22:15:49.813
Modified: 2024-03-04T13:58:23.447
Link: CVE-2024-0795
Redhat
No data.