What the vulnerability does
01Description
A logged-in and authenticated user with a Reviewer Role may lock a content item.
CVE-2021-23265
LOW
CVE-2021-23265: Improper Privilege Management in Crafter Studio
CVSS base score
3.5/10
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L
Key dates
02Disclosure timeline
May 16, 2022
CVE published
September 16, 2024
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2017-20025 Solare Solar-Log Flash Memory privileges management
CVE-2025-7044 Privilege Escalation in MAAS via Websocket Request Manipulation
CVE-2023-51386 Sandbox Accounts for Events vulnerable to privilege escalation to read running events data
CVE-2023-40377 IBM i privilege escalation
CVE-2023-52107
