Description
An issue that could allow a credential to be updated and used for a task from outside of the authorized organization scope has been resolved. This is an instance of CWE-863: Incorrect Authorization, and has an estimated CVSS score of CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N (5.8 Medium). This issue was fixed in version 4.0.26021.0 of the runZero Platform.
Published: 2026-04-07
Score: 5.8 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Unauthorized Credential Access
Action: Immediate Patch
AI Analysis

Impact

The vulnerability allows a credential to be updated and then used for a task outside the authorized organization scope, effectively granting an attacker access to resources or actions they should not be able to perform. This flaw falls under Incorrect Authorization (CWE-863) and could let a user leverage compromised or improperly scoped credentials to manipulate or access data within the platform. The impact is confined to confidentiality and integrity, with no direct denial-of-service effect reported.

Affected Systems

The issue affects the runZero Platform for any version prior to 4.0.26021.0. Users running an older release should identify whether they are on a vulnerable build. No other vendors or products are explicitly listed as impacted.

Risk and Exploitability

The CVSS score of 5.8 indicates medium severity, and the vulnerability is not listed in the CISA KEV catalog, suggesting limited widespread exploitation. No EPSS score is available, so the likelihood of real-world attacks remains uncertain. The attack vector is not explicitly stated, but given the nature of credential manipulation via the platform, it is likely achievable through API or web interfaces with elevated privileges. Appropriate auditing and segmentation of credentials can mitigate potential abuse.

Generated by OpenCVE AI on April 7, 2026 at 20:07 UTC.

Remediation

Vendor Solution

This issue was fixed in version 4.0.26021.0 of the runZero Platform.

OpenCVE Recommended Actions

  • Update the runZero Platform to version 4.0.26021.0 or later
  • Verify that credential scopes are correctly limited to the intended organization after applying the patch
  • Enable logging and review transaction logs for anomalous credential usage

Advisories

No advisories yet.

History

Tue, 21 Apr 2026 15:45:00 +0000

Type                | Values Removed | Values Added
First Time appeared |                | Runzero runzero Platform
CPEs                |                | cpe:2.3:a:runzero:runzero_platform:*:*:*:*:*:*:*:*
Vendors & Products  |                | Runzero runzero Platform

Wed, 08 Apr 2026 20:15:00 +0000

Type                | Values Removed | Values Added
First Time appeared |                | Runzero, Runzero platform
Vendors & Products  |                | Runzero, Runzero platform

Tue, 07 Apr 2026 20:45:00 +0000

Type    | Values Removed | Values Added
Metrics |                | ssvc {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 07 Apr 2026 15:15:00 +0000

Type        | Values Removed | Values Added
Description |                | An issue that could allow a credential to be updated and used for a task from outside of the authorized organization scope has been resolved. This is an instance of CWE-863: Incorrect Authorization, and has an estimated CVSS score of CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N (5.8 Medium). This issue was fixed in version 4.0.26021.0 of the runZero Platform.
Title       |                | runZero Platform incorrect credential scope
Weaknesses  |                | CWE-863
References  |                |
Metrics     |                | cvssV3_1 {'score': 5.8, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N'}

MITRE

Status: PUBLISHED

Assigner: runZero

Published:

Updated: 2026-04-07T19:59:57.769Z

Reserved: 2026-04-01T20:20:42.640Z

Link: CVE-2026-5384

Vulnrichment

Updated: 2026-04-07T19:54:57.681Z

NVD

Status: Analyzed

Published: 2026-04-07T15:17:48.720

Modified: 2026-04-21T15:40:40.783

Link: CVE-2026-5384

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-08T19:49:09Z

Weaknesses