CVE-2022-24450
Published
CVSS v3
8.8
HIGH
CVSS v2
9
HIGH
Affected
1
PROJECT
Description
NATS nats-server before 2.7.2 has Incorrect Access Control. Any authenticated user can obtain the privileges of the System account by misusing the "dynamically provisioned sandbox accounts" feature.
High-Performance server for NATS.io, the cloud and edge native messaging system.
GitHub