Vulnerability
CVE-2022-24450
[CVE-2022-24450] CWE-862: Missing Authorization
Description
NATS nats-server before 2.7.2 has Incorrect Access Control. Any authenticated user can obtain the privileges of the System account by misusing the "dynamically provisioned sandbox accounts" feature.
Deviation Notice:
Sonatype's research suggests that this CVE's details differ from those
defined at NVD or other reporting sources; sign in for details.
Sign up and see:
Detailed deviation notices:
- Detailed deviations
- References
- Custom Descriptions [Coming Soon]