Vulnerabilities > CVE-2022-38599 - Exposure of Resource to Wrong Sphere vulnerability in Goteleport Teleport 3.2.2/3.5.6/3.6.3

047910
CVSS 6.5 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
NONE
network
low complexity
goteleport
CWE-668
NVD
Published: 2022-12-08
Updated: 2022-12-12

Summary

Teleport v3.2.2, Teleport v3.5.6-rc6, and Teleport v3.6.3-b2 was discovered to contain an information leak via the /user/get-role-list web interface.

Vulnerable Configurations

Part Description Count
Application
Goteleport
3

Common Weakness Enumeration (CWE)

References