ByteOS Network

NVD Vulnerability Details :

CVE-2023-1463

Modified

Source-security@huntr.dev

Published At-17 Mar, 2023 | 12:15

Updated At-26 Apr, 2023 | 16:15

Authorization Bypass Through User-Controlled Key in GitHub repository nilsteampassnet/teampass prior to 3.0.0.23.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Type	Version	Base score	Base severity	Vector
Primary	3.1	5.4	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
Secondary	3.0	6.3	MEDIUM	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

teampass>>teampass>>Versions before 3.0.0.23(exclusive)

CWE ID	Type	Source
CWE-639	Primary	security@huntr.dev
CWE-639	Secondary	nvd@nist.gov

Hyperlink	Source	Resource
https://github.com/nilsteampassnet/teampass/commit/4e06fbaf2b78c3615d0599855a72ba7e31157516	security@huntr.dev	Patch
https://huntr.dev/bounties/f6683c3b-a0f2-4615-b639-1920c8ae12e6	security@huntr.dev	Exploit Third Party Advisory