Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2024-36112

Summary
Assigner-GitHub_M
Assigner Org ID-a0819718-46f1-4df5-94e2-005712e83aaa
Published At-28 May, 2024 | 22:26
Updated At-02 Aug, 2024 | 03:30
Rejected At-
Credits

Nautobot dynamic-group-members doesn't enforce permission restrictions on member objects

Nautobot is a Network Source of Truth and Network Automation Platform. A user with permissions to view Dynamic Group records (`extras.view_dynamicgroup` permission) can use the Dynamic Group detail UI view (`/extras/dynamic-groups/<uuid>/`) and/or the members REST API view (`/api/extras/dynamic-groups/<uuid>/members/`) to list the objects that are members of a given Dynamic Group. In versions of Nautobot between 1.3.0 (where the Dynamic Groups feature was added) and 1.6.22 inclusive, and 2.0.0 through 2.2.4 inclusive, Nautobot fails to restrict these listings based on the member object permissions - for example a Dynamic Group of Device objects will list all Devices that it contains, regardless of the user's `dcim.view_device` permissions or lack thereof. This issue has been fixed in Nautobot versions 1.6.23 and 2.2.5. Users are advised to upgrade. This vulnerability can be partially mitigated by removing `extras.view_dynamicgroup` permission from users however a full fix will require upgrading.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:GitHub_M
Assigner Org ID:a0819718-46f1-4df5-94e2-005712e83aaa
Published At:28 May, 2024 | 22:26
Updated At:02 Aug, 2024 | 03:30
Rejected At:
▼CVE Numbering Authority (CNA)
Nautobot dynamic-group-members doesn't enforce permission restrictions on member objects

Nautobot is a Network Source of Truth and Network Automation Platform. A user with permissions to view Dynamic Group records (`extras.view_dynamicgroup` permission) can use the Dynamic Group detail UI view (`/extras/dynamic-groups/<uuid>/`) and/or the members REST API view (`/api/extras/dynamic-groups/<uuid>/members/`) to list the objects that are members of a given Dynamic Group. In versions of Nautobot between 1.3.0 (where the Dynamic Groups feature was added) and 1.6.22 inclusive, and 2.0.0 through 2.2.4 inclusive, Nautobot fails to restrict these listings based on the member object permissions - for example a Dynamic Group of Device objects will list all Devices that it contains, regardless of the user's `dcim.view_device` permissions or lack thereof. This issue has been fixed in Nautobot versions 1.6.23 and 2.2.5. Users are advised to upgrade. This vulnerability can be partially mitigated by removing `extras.view_dynamicgroup` permission from users however a full fix will require upgrading.

Affected Products
Vendor
nautobot
Product
nautobot
Versions
Affected
  • >= 1.3.0, < 1.6.23
  • >= 2.0.0, < 2.2.5
Problem Types
TypeCWE IDDescription
CWECWE-280CWE-280: Improper Handling of Insufficient Permissions or Privileges
CWECWE-755CWE-755: Improper Handling of Exceptional Conditions
Type: CWE
CWE ID: CWE-280
Description: CWE-280: Improper Handling of Insufficient Permissions or Privileges
Type: CWE
CWE ID: CWE-755
Description: CWE-755: Improper Handling of Exceptional Conditions
Metrics
VersionBase scoreBase severityVector
3.16.3MEDIUM
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
Version: 3.1
Base score: 6.3
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/nautobot/nautobot/security/advisories/GHSA-qmjf-wc2h-6x3q
x_refsource_CONFIRM
https://github.com/nautobot/nautobot/pull/5757
x_refsource_MISC
https://github.com/nautobot/nautobot/pull/5762
x_refsource_MISC
Hyperlink: https://github.com/nautobot/nautobot/security/advisories/GHSA-qmjf-wc2h-6x3q
Resource:
x_refsource_CONFIRM
Hyperlink: https://github.com/nautobot/nautobot/pull/5757
Resource:
x_refsource_MISC
Hyperlink: https://github.com/nautobot/nautobot/pull/5762
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
1. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
2. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/nautobot/nautobot/security/advisories/GHSA-qmjf-wc2h-6x3q
x_refsource_CONFIRM
x_transferred
https://github.com/nautobot/nautobot/pull/5757
x_refsource_MISC
x_transferred
https://github.com/nautobot/nautobot/pull/5762
x_refsource_MISC
x_transferred
Hyperlink: https://github.com/nautobot/nautobot/security/advisories/GHSA-qmjf-wc2h-6x3q
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://github.com/nautobot/nautobot/pull/5757
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://github.com/nautobot/nautobot/pull/5762
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security-advisories@github.com
Published At:28 May, 2024 | 23:15
Updated At:26 Aug, 2025 | 16:21

Nautobot is a Network Source of Truth and Network Automation Platform. A user with permissions to view Dynamic Group records (`extras.view_dynamicgroup` permission) can use the Dynamic Group detail UI view (`/extras/dynamic-groups/<uuid>/`) and/or the members REST API view (`/api/extras/dynamic-groups/<uuid>/members/`) to list the objects that are members of a given Dynamic Group. In versions of Nautobot between 1.3.0 (where the Dynamic Groups feature was added) and 1.6.22 inclusive, and 2.0.0 through 2.2.4 inclusive, Nautobot fails to restrict these listings based on the member object permissions - for example a Dynamic Group of Device objects will list all Devices that it contains, regardless of the user's `dcim.view_device` permissions or lack thereof. This issue has been fixed in Nautobot versions 1.6.23 and 2.2.5. Users are advised to upgrade. This vulnerability can be partially mitigated by removing `extras.view_dynamicgroup` permission from users however a full fix will require upgrading.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.16.3MEDIUM
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
Primary3.16.5MEDIUM
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Type: Secondary
Version: 3.1
Base score: 6.3
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
Type: Primary
Version: 3.1
Base score: 6.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CPE Matches
networktocode
networktocode
>>nautobot>>Versions from 1.3.0(inclusive) to 1.6.23(exclusive)
cpe:2.3:a:networktocode:nautobot:*:*:*:*:*:*:*:*
networktocode
networktocode
>>nautobot>>Versions from 2.0.0(inclusive) to 2.2.5(inclusive)
cpe:2.3:a:networktocode:nautobot:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-280Secondarysecurity-advisories@github.com
CWE-755Secondarysecurity-advisories@github.com
CWE ID: CWE-280
Type: Secondary
Source: security-advisories@github.com
CWE ID: CWE-755
Type: Secondary
Source: security-advisories@github.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://github.com/nautobot/nautobot/pull/5757security-advisories@github.com
Patch
https://github.com/nautobot/nautobot/pull/5762security-advisories@github.com
Patch
https://github.com/nautobot/nautobot/security/advisories/GHSA-qmjf-wc2h-6x3qsecurity-advisories@github.com
Third Party Advisory
https://github.com/nautobot/nautobot/pull/5757af854a3a-2127-422b-91ae-364da2661108
Patch
https://github.com/nautobot/nautobot/pull/5762af854a3a-2127-422b-91ae-364da2661108
Patch
https://github.com/nautobot/nautobot/security/advisories/GHSA-qmjf-wc2h-6x3qaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Hyperlink: https://github.com/nautobot/nautobot/pull/5757
Source: security-advisories@github.com
Resource:
Patch
Hyperlink: https://github.com/nautobot/nautobot/pull/5762
Source: security-advisories@github.com
Resource:
Patch
Hyperlink: https://github.com/nautobot/nautobot/security/advisories/GHSA-qmjf-wc2h-6x3q
Source: security-advisories@github.com
Resource:
Third Party Advisory
Hyperlink: https://github.com/nautobot/nautobot/pull/5757
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Hyperlink: https://github.com/nautobot/nautobot/pull/5762
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Hyperlink: https://github.com/nautobot/nautobot/security/advisories/GHSA-qmjf-wc2h-6x3q
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

10Records found
CVE-2023-48700
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-5.7||MEDIUM
EPSS-0.15% / 35.97%
||
7 Day CHG~0.00%
Published-21 Nov, 2023 | 22:30
Updated-02 Aug, 2024 | 21:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Clear Text Credentials Exposed via Onboarding Task

The Nautobot Device Onboarding plugin uses the netmiko and NAPALM libraries to simplify the onboarding process of a new device into Nautobot down to, in many cases, an IP Address and a Location. Starting in version 2.0.0 and prior to version 3.0.0, credentials provided to onboarding task are visible via Job Results from an execution of an Onboarding Task. Version 3.0.0 fixes this issue; no known workarounds are available. Mitigation recommendations include deleting all Job Results for any onboarding task to remove clear text credentials from database entries that were run while on v2.0.X, upgrading to v3.0.0, and rotating any exposed credentials.

Action-Not Available
Vendor-nautobotnautobot
Product-nautobot-plugin-device-onboardingnautobot-plugin-device-onboarding
CWE ID-CWE-256
Plaintext Storage of a Password
CWE ID-CWE-312
Cleartext Storage of Sensitive Information
CVE-2023-46128
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.21% / 43.33%
||
7 Day CHG~0.00%
Published-24 Oct, 2023 | 14:17
Updated-11 Sep, 2024 | 17:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Exposure of hashed user passwords via REST API in Nautobot

Nautobot is a Network Automation Platform built as a web application atop the Django Python framework with a PostgreSQL or MySQL database. In Nautobot 2.0.x, certain REST API endpoints, in combination with the `?depth=<N>` query parameter, can expose hashed user passwords as stored in the database to any authenticated user with access to these endpoints. The passwords are not exposed in plaintext. This vulnerability has been patched in version 2.0.3.

Action-Not Available
Vendor-networktocodenautobot
Product-nautobotnautobot
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE ID-CWE-312
Cleartext Storage of Sensitive Information
CVE-2023-43087
Matching Score-4
Assigner-Dell
ShareView Details
Matching Score-4
Assigner-Dell
CVSS Score-4.3||MEDIUM
EPSS-0.12% / 31.85%
||
7 Day CHG~0.00%
Published-02 Nov, 2023 | 10:30
Updated-05 Sep, 2024 | 18:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerScale OneFS 8.2.x, 9.0.0.x-9.5.0.x contains an improper handling of insufficient permissions. A low privileged remote attacker could potentially exploit this vulnerability to cause information disclosure.

Action-Not Available
Vendor-Dell Inc.
Product-powerscale_onefsPowerScale OneFS
CWE ID-CWE-280
Improper Handling of Insufficient Permissions or Privileges
CWE ID-CWE-755
Improper Handling of Exceptional Conditions
CVE-2019-1313
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-6.5||MEDIUM
EPSS-7.63% / 91.49%
||
7 Day CHG~0.00%
Published-10 Oct, 2019 | 13:28
Updated-04 Aug, 2024 | 18:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An information disclosure vulnerability exists in Microsoft SQL Server Management Studio (SSMS) when it improperly enforces permissions, aka 'SQL Server Management Studio Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1376.

Action-Not Available
Vendor-Microsoft Corporation
Product-sql_server_management_studioSQL Server Management Studio
CWE ID-CWE-755
Improper Handling of Exceptional Conditions
CVE-2019-1376
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-6.5||MEDIUM
EPSS-7.63% / 91.49%
||
7 Day CHG~0.00%
Published-10 Oct, 2019 | 13:28
Updated-04 Aug, 2024 | 18:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An information disclosure vulnerability exists in Microsoft SQL Server Management Studio (SSMS) when it improperly enforces permissions, aka 'SQL Server Management Studio Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1313.

Action-Not Available
Vendor-Microsoft Corporation
Product-sql_server_management_studioSQL Server Management Studio
CWE ID-CWE-755
Improper Handling of Exceptional Conditions
CVE-2025-5998
Matching Score-4
Assigner-WPScan
ShareView Details
Matching Score-4
Assigner-WPScan
CVSS Score-6.5||MEDIUM
EPSS-0.03% / 8.14%
||
7 Day CHG~0.00%
Published-14 Aug, 2025 | 08:48
Updated-18 Aug, 2025 | 20:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PPWP < 1.9.11 - Subscriber+ Access Bypass via REST API

The PPWP – Password Protect Pages WordPress plugin before version 1.9.11 allows to put the site content behind a password authorization, however users with subscriber or greater roles can view content via the REST API.

Action-Not Available
Vendor-passwordprotectwpUnknown
Product-password_protect_wordpressPPWP – Password Protect Pages
CWE ID-CWE-280
Improper Handling of Insufficient Permissions or Privileges
CVE-2022-34368
Matching Score-4
Assigner-Dell
ShareView Details
Matching Score-4
Assigner-Dell
CVSS Score-6.1||MEDIUM
EPSS-0.04% / 10.58%
||
7 Day CHG~0.00%
Published-30 Aug, 2022 | 20:25
Updated-17 Sep, 2024 | 03:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell EMC NetWorker 19.2.1.x 19.3.x, 19.4.x, 19.5.x, 19.6.x and 19.7.0.0 contain an Improper Handling of Insufficient Permissions or Privileges vulnerability. Authenticated non admin user could exploit this vulnerability and gain access to restricted resources.

Action-Not Available
Vendor-Dell Inc.
Product-emc_networkerNetWorker Management Console
CWE ID-CWE-280
Improper Handling of Insufficient Permissions or Privileges
CWE ID-CWE-755
Improper Handling of Exceptional Conditions
CVE-2025-27024
Matching Score-4
Assigner-EU Agency for Cybersecurity (ENISA)
ShareView Details
Matching Score-4
Assigner-EU Agency for Cybersecurity (ENISA)
CVSS Score-6.5||MEDIUM
EPSS-0.05% / 14.81%
||
7 Day CHG~0.00%
Published-02 Jul, 2025 | 09:38
Updated-03 Jul, 2025 | 15:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper File Access in Infinera G42

Unrestricted access to OS file system in SFTP service in Infinera G42 version R6.1.3 allows remote authenticated users to read/write OS files via SFTP connections. Details: Account members of the Network Administrator profile can access the target machine via SFTP with the same credentials used for SSH CLI access and are able to read all files according to the OS permission instead of remaining inside the chrooted directory position.

Action-Not Available
Vendor-Infinera
Product-G42
CWE ID-CWE-280
Improper Handling of Insufficient Permissions or Privileges
CVE-2019-13415
Matching Score-4
Assigner-floragunn GmbH
ShareView Details
Matching Score-4
Assigner-floragunn GmbH
CVSS Score-6.5||MEDIUM
EPSS-0.21% / 44.01%
||
7 Day CHG~0.00%
Published-13 Aug, 2019 | 18:59
Updated-04 Aug, 2024 | 23:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Search Guard versions before 24.3 had an issue when Cross Cluster Search (CCS) was enabled, authenticated users can gain read access to data they are not authorized to see.

Action-Not Available
Vendor-search-guardfloragunn
Product-search_guardSearch Guard
CWE ID-CWE-280
Improper Handling of Insufficient Permissions or Privileges
CVE-2021-21592
Matching Score-4
Assigner-Dell
ShareView Details
Matching Score-4
Assigner-Dell
CVSS Score-3.1||LOW
EPSS-0.21% / 44.03%
||
7 Day CHG~0.00%
Published-16 Aug, 2021 | 22:00
Updated-17 Sep, 2024 | 02:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell EMC PowerScale OneFS versions 8.2.x - 9.2.x improperly handle an exceptional condition. A remote low privileged user could potentially exploit this vulnerability, leading to unauthorized information disclosure.

Action-Not Available
Vendor-Dell Inc.
Product-emc_powerscale_onefsPowerScale OneFS
CWE ID-CWE-755
Improper Handling of Exceptional Conditions
Details not found