Fit2cloud: >> Cloudexplorer Lite >> 1.3.1 Security Vulnerabilities
CloudExplorer Lite is an open source, lightweight cloud management platform. Prior to version 1.4.1, the gateway filter of CloudExplorer Lite uses a controller with path starting with `matching/API/`, which can cause a permission bypass. Version 1.4.1 contains a patch for this issue.
CVSS Score
7.5
EPSS Score
0.0
Published
2023-10-30
An issue in CloudExplorer Lite 1.3.1 allows an attacker to obtain sensitive information via the login key component.
CVSS Score
7.5
EPSS Score
0.0
Published
2023-09-20
Cloud Explorer Lite is an open source cloud management platform. Prior to version 1.4.0, there is a risk of sensitive information leakage in the user information acquisition of CloudExplorer Lite. The vulnerability has been fixed in version 1.4.0.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-08-24