CVE Vulnerabilities

CVE-2022-46383

Published: Dec 06, 2022 | Modified: Apr 23, 2025
CVSS 3.x: 9.8 CRITICAL (Source: NVD)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

RackN Digital Rebar through 4.6.14, 4.7 through 4.7.22, 4.8 through 4.8.5, 4.9 through 4.9.12, and 4.10 through 4.10.8 has exposed a privileged token via a public API endpoint (Incorrect Access Control). The token can be used to escalate privileges within the Digital Rebar system and grant full administrative access.

Affected Software

| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Digital_rebar | Rackn | * | 4.6.14 (including) |
| Digital_rebar | Rackn | 4.7 (including) | 4.7.22 (including) |
| Digital_rebar | Rackn | 4.8 (including) | 4.8.5 (including) |
| Digital_rebar | Rackn | 4.9 (including) | 4.9.12 (including) |
| Digital_rebar | Rackn | 4.10 (including) | 4.10.8 (including) |

References