CVE-2023-32316

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-32316

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-32316.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2023-32316

Aliases

GHSA-cp3j-437h-4vwj

Published

2023-05-26T22:36:29.633Z

Modified

2025-12-04T23:51:14.680952Z

Severity

7.1 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N CVSS Calculator

Summary

Users can add themselves to any organization in CloudExplorer Lite

Details

CloudExplorer Lite is an open source cloud management tool. In affected versions users can add themselves to any organization in CloudExplorer Lite. This is due to a missing permission check on the user profile. It is recommended to upgrade the version to v1.1.0. There are no known workarounds for this vulnerability.

Database specific

{
    "cwe_ids": [
        "CWE-862"
    ],
    "cna_assigner": "GitHub_M",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/32xxx/CVE-2023-32316.json"
}

References

Affected packages

Git / github.com/cloudexplorer-dev/cloudexplorer-lite

Affected ranges

Type: GIT
Repo: https://github.com/cloudexplorer-dev/cloudexplorer-lite
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

d9f55a44e579d312977b02317b2020de758b763a

Affected versions

v0.*

v0.1

v0.2.0

v0.3.0

v0.3.1

v0.3.2

v0.3.3

v0.4.0

v0.4.1

v0.4.2

v0.4.3

v1.*

v1.0.0

v1.0.1