Published: 13/01/2023 Updated: 11/04/2024

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 0

An access control issue in Harbor v1.X.X to v2.5.3 allows malicious users to access public and private image repositories without authentication. NOTE: the vendor's position is that this "is clearly described in the documentation as a feature."

Vulnerable Product	Search on Vulmon	Subscribe to Product
linuxfoundation harbor

harbor unauthorized detection

CVE-2022-46463 (Harbor public镜像下载) Harbor是一款开源的镜像托管平台。此脚本通过列举所有的pulic镜像，支持dump操作（类似docker pull），方便从公开暴露的镜像中查找敏感泄漏信息。 Usage $ python3 harborpy 1921681111 [+] grafana/grafana [+] library/openjdk $ python3 harborpy 1921681111 --dump libra

CVE-2022-46463(Harbor 未授权)

CVE-2022-46463 CVE-2022-46463(POC) Harbor 未授权漏洞详情可见Stack社区 Use python3 cvve-2022-46463py -u 127001:5003 python3 cve-2022-46463py -f filetxt Options -u URL, --url URL Target URL (eg examplecom) -f FILE, --file FILE Select a target list url file (eg filetxt) -h, --help

不定期记录一下浪费了时间去关注过的垃圾CVE漏洞。

SBCVE 这是一个傻逼项目，不定期记录一下浪费了时间去关注过的垃圾CVE漏洞。欢迎提交PR,抵制垃圾CVE,从我做起。傻逼评级：重傻: 无触发场景或触发场景极端，无任何实际利用价值，或对业务没有实际建设意义的漏洞高傻: 需要高权限才能利用的漏洞中傻: 功能特性当漏洞提交。低傻:

CWE-306 https://github.com/lanqingaa/123/blob/main/README.md https://github.com/Vad1mo https://github.com/lanqingaa/123/tree/bb48caa844d88b0e41e69157f2a2734311abf02d https://nvd.nist.gov https://github.com/404tk/CVE-2022-46463

CVE-2022-46463

Vulnerability Summary

Vulnerability Trend

Github Repositories

References

Vulmon Search

About

Products

Connect