Unrestricted Organization Access in CloudExplorer Lite

Unrestricted Organization Access in CloudExplorer Lite

CVE-2023-32316 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

CloudExplorer Lite is an open source cloud management tool. In affected versions users can add themselves to any organization in CloudExplorer Lite. This is due to a missing permission check on the user profile. It is recommended to upgrade the version to v1.1.0. There are no known workarounds for this vulnerability.

Learn more about our Open Source Audit.