CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Okfn: >> Ckan >> 2.1.5 Security Vulnerabilities

CVE-2022-43685

CKAN through 2.9.6 account takeovers by unauthenticated users when an existing user id is sent via an HTTP POST request. This allows a user to take over an existing account including superuser accounts.

CVSS Score

8.8

EPSS Score

0.009

Published

2022-11-22

Page 2

Vulnerabilities

Vulnerable Software

Okfn: >> Ckan >> 2.1.5 Security Vulnerabilities

Products

Pricing

Contact Us