Portainer before 1.18.0 supports unauthenticated requests to the websocket endpoint with an unvalidated id query parameter for the /websocket/exec endpoint, which allows remote attackers to bypass intended access restrictions or conduct SSRF attacks.
References
Link | Resource |
---|---|
https://github.com/portainer/portainer/releases/tag/1.18.0 | Issue Tracking Third Party Advisory |
https://github.com/portainer/portainer/pull/1979 | Issue Tracking Patch Third Party Advisory |
Configurations
Information
Published : 2018-06-22 11:29
Updated : 2018-08-13 11:58
NVD link : CVE-2018-12678
Mitre link : CVE-2018-12678
JSON object : View
CWE
CWE-918
Server-Side Request Forgery (SSRF)
Products Affected
portainer
- portainer