CVE-2022-1766 Anchore Enterprise has a flaw in its anchoring tool that improperly stores credentials.

CVE-2022-1766 Anchore Enterprise has a flaw in its anchoring tool that improperly stores credentials.

The anchorectl version 0.1.5 is available on the release-candidate branch. Users of anchorectl version 0.1.4 can upgrade to anchorectl version 0.1.5 by running the following command: anchorectl version 0.1.5 Upgrade instructions for anchorectl version 0.1.4 Users of anchorectl version 0.1.4 can upgrade to anchorectl version 0.1.5 by running the following command: anchorectl version 0.1.5 Upgrade instructions for anchorectl version 0.1.4 The “credential” field in the SBOM is added by anchorectl version 0.1.4. Users of anchorectl version 0.1.4 should upgrade to anchorectl version 0.1.5 to resolve this issue. The “credential” field in the SBOM is added by anchorectl version 0.1.4. Users of anchorectl version 0.1.4 should upgrade to anchorectl version 0.1.5 to resolve this issue.

Anchore Enterprise: Unauthorized users were able to view and download data stored in Anchore Enterprise. This issue has been resolved in anchorectl version 0.1.5. An updated anchorectl version 0.1.5 is available on the release-candidate branch. Users of anchorectl version 0.1.4 can

Authentication fails with “Current user is not authorized”

Anchore Enterprise: Unauthorized users were able to view and download data stored in Anchore Enterprise. This issue has been resolved in anchorectl version 0.1.5. An updated anchorectl version 0.1.5 is available on the release-candidate branch. Users of anchorectl version 0.1.4 can upgrade to anchorectl version 0.1.5 by running the following command: anchorectl version 0.1.5 Upgrade instructions for anchorectl version 0.1.4

Anchore Enterprise: Unauthorized users were able to view and download data stored in Anchore Enterpr is

The issue with the original release of anchorectl 0.1.5 has been resolved in anchorectl version 0.1.5 after an unauthorized access issue was discovered by the security team.

How to Outsource SEO Correctly & Avoid the 5 Most Common Mistakes

Anchore Enterprise: Improper Access Control for Unauthorized Users

Anchore Enterprise contains sensitive data, including the SBOM. The “credential” field in the SBOM is added by anchorectl version 0.1.4. Users of anchorectl version 0.1.4 should upgrade to anchorectl version 0.1.5 to resolve this issue.

References

Subscribe to CVE.news
Don’t miss out on the latest issues. Sign up now to get access to the library of members-only issues.
jamie@example.com
Subscribe