CVE-2022-45929 Information

Description

Northern.tech Mender 3.3.x before 3.3.2 3.5.x before 3.5.0 and 3.6.x before 3.6.0 has Incorrect Access Control and allows users to change their roles and could allow privilege escalation from a low-privileged read-only user to a high-privileged user.

Reference

https://northern.tech https://mender.io/blog/cve-2022-45929-cve-2022-41324-improper-access-control-for-low-privileged-users