CVE-2022-45183 Ironman Software PowerShell Universal 2.x and 3.x allows an attacker with a valid app token to retrieve other app tokens by ID.

CVE-2022-45183 Ironman Software PowerShell Universal 2.x and 3.x allows an attacker with a valid app token to retrieve other app tokens by ID.

An attacker with a valid app token can retrieve other app tokens by ID (i.e. all user app tokens) via an HTTP web request. This can be used to escalate privileges in the Web Server. An attacker with a valid app token can retrieve other app tokens by ID (i.e. all user app tokens) via an HTTP web request. This can be used to escalate privileges in the Web Server.

This issue has been fixed in version 3.5.3. This issue has been fixed in version 3.5.3. This issue has been fixed in version 3.5.3. This issue has been fixed in version 3.5.3. This issue has been fixed in version 3.5.3. This issue has been fixed in version 3.5.3. This issue has been fixed in version 3.5.3. This issue has been fixed in version 3.5.3. This issue has been fixed in version 3.5.3. An attacker with a valid app token can retrieve other app tokens by ID (i.e. all user app tokens) via an HTTP web request. This can be used to escalate privileges in the Web Server. An attacker with a valid app token can retrieve other app tokens by ID (i.e. all user app tokens) via an HTTP web request. This can be used to escalate privileges in the Web Server. An attacker with a valid app token can retrieve other app tokens by ID

References

A full reference for this blog post can be found here:
https://www.bgr.com/2018/03/29/how-to-outsource-seo-correctly-avoid-the-5-most-common-mistakes/

References

Subscribe to CVE.news
Don’t miss out on the latest issues. Sign up now to get access to the library of members-only issues.
jamie@example.com
Subscribe