NATS nats-server prior to 2.7.2 has Incorrect Access Control. Any authenticated user can obtain the privileges of the System account by misusing the "dynamically provisioned sandbox accounts" feature.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
nats nats streaming server |
||
nats nats server |