Vulnerabilities > Nask

DATE CVE VULNERABILITY TITLE RISK
2024-08-07 CVE-2024-7265 Incorrect Authorization vulnerability in Nask EZD RP
Incorrect User Management vulnerability in Naukowa i Akademicka Siec Komputerowa - Panstwowy Instytut Badawczy EZD RP allows logged-in user to change the password of any user, including root user, which could lead to privilege escalation. This issue affects EZD RP: from 15 before 15.84, from 16 before 16.15, from 17 before 17.2.
network
low complexity
nask CWE-863
8.8
2024-08-07 CVE-2024-7266 Incorrect Authorization vulnerability in Nask EZD RP
Incorrect User Management vulnerability in Naukowa i Akademicka Siec Komputerowa - Panstwowy Instytut Badawczy EZD RP allows logged-in user to list all users in the system, including those from other organizations. This issue affects EZD RP: from 15 before 15.84, from 16 before 16.15, from 17 before 17.2.
network
low complexity
nask CWE-863
4.3
2024-08-07 CVE-2024-7267 Unspecified vulnerability in Nask EZD RP
Exposure of Sensitive Information vulnerability in Naukowa i Akademicka Siec Komputerowa - Panstwowy Instytut Badawczy EZD RP allows logged-in user to retrieve information about IP infrastructure and credentials. This issue affects EZD RP all versions before 19.6
network
low complexity
nask
6.5