Security Advisory

CVE-2022-31671

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-11-14 11:42:22

Last updated 2024-11-14 14:10:27

Assigner vmware

State PUBLISHED

Description

Harbor fails to validate user permissions when reading and updating job execution logs through the P2P preheat execution logs. By sending a request that attempts to read/update P2P preheat execution logs and specifying different job IDs, malicious authenticated users could read all the job logs stored in the Harbor database.

← Browse all CVEs View on cve.org ↗