CVE-2023-32079

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Aug 24, 2023
Updated: Aug 30, 2023
CWE ID 915

Summary

CVE-2023-32079 is a mass assignment vulnerability affecting Netmaker, a tool used for creating networks with WireGuard. This issue, present in versions prior to 0.17.1 and 0.18.6, allows non-admin users to escalate their privileges to those of an admin user. To mitigate this risk, Netmaker users on version 0.17.1 should update to the patched version by running `docker pull gravitl/netmaker:v0.17.1` and `docker-compose up -d`. Alternatively, they can pull the latest docker image of the backend and restart the server as a temporary workaround. Users on versions 0.18.0 to 0.18.5 should upgrade to v0.18.6 or later to remediate the issue.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share