CVE-2022-32169

CVE-2022-32169: bytebase - Improper Authorization

Vendor Bytebase

Product bytebase

Weakness CWE-285

Published September 28, 2022

Last update May 21, 2025

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

The “Bytebase” application does not restrict low privilege user to access “admin issues“ for which an unauthorized user can view the “OPEN” and “CLOSED” issues by “Admin” and the affected endpoint is “/issue”.

Key dates

02Disclosure timeline

September 28, 2022 CVE published

May 21, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2022-32169

Related vulnerabilities

Identifiers

CVE CVE-2022-32169

CWE CWE-285

Affected versions

Vendor Bytebase

Product bytebase

Affected ≥ 0.1.0 and < unspecified

Vendor Bytebase

Product bytebase

Affected ≥ unspecified and ≤ 1.0.4

CVE-2022-32169: bytebase - Improper Authorization

01Description

02Disclosure timeline

03References

04Related CVE