Improper privilege management in Yugabyte Platform allows authenticated admin users to escalate privileges to SuperAdmin via a crafted PUT HTTP request, potentially leading to unauthorized access to sensitive system functions and data.
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.