CVE-2017-12112

MEDIUM Year: 2017
CVSS v3 Score
4.0
Medium
CVSS v2 Score
6.8
Medium
Weakness Type
CWE-863
View all →

Vulnerability Description

An exploitable improper authorization vulnerability exists in admin_addPeer API of cpp-ethereum's JSON-RPC (commit 4e1015743b95821849d001618a7ce82c7c073768). A JSON request can cause an access to the restricted functionality resulting in authorization bypass. An attacker can send JSON to trigger this vulnerability.

Related Vulnerabilities

CVE-2017-12113

MEDIUM
CVSS:4.0(Medium)

An exploitable improper authorization vulnerability exists in admin_nodeInfo API of cpp-ethereum's JSON-RPC (commit 4e1015743b95821849d001618a7ce82c7c073768). A JSON request can cause an access to the...

CWE-8632017

CVE-2017-12114

MEDIUM
CVSS:4.0(Medium)

An exploitable improper authorization vulnerability exists in admin_peers API of cpp-ethereum's JSON-RPC (commit 4e1015743b95821849d001618a7ce82c7c073768). A JSON request can cause an access to the re...

CWE-8632017

CVE-2017-12117

MEDIUM
CVSS:4.0(Medium)

An exploitable improper authorization vulnerability exists in miner_start API of cpp-ethereum's JSON-RPC (commit 4e1015743b95821849d001618a7ce82c7c073768). A JSON request can cause an access to the re...

CWE-8632017

CVE-2017-12118

MEDIUM
CVSS:4.0(Medium)

An exploitable improper authorization vulnerability exists in miner_stop API of cpp-ethereum's JSON-RPC (commit 4e1015743b95821849d001618a7ce82c7c073768). An attacker can send JSON to trigger this vul...

CWE-8632017

CVE-2022-22326

MEDIUM
CVSS:4.0(Medium)

IBM Datapower Gateway 10.0.2.0 through 10.0.4.0, 10.0.1.0 through 10.0.1.5, and 2018.4.1.0 through 2018.4.1.18 could allow unauthorized viewing of logs and files due to insufficient authorization chec...

CWE-8632022

CVE-2024-47148

MEDIUM
CVSS:4.0(Medium)

Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions.

CWE-8632024