Unrated severityOSV Advisory· Published Nov 20, 2018· Updated Sep 16, 2024
CVE-2018-19367
CVE-2018-19367
Description
Portainer through 1.19.2 provides an API endpoint (/api/users/admin/check) to verify that the admin user is already created. This API endpoint will return 404 if admin was not created and 204 if it was already created. Attackers can set an admin password in the 404 case.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
1- github.com/portainer/portainer/issues/2475mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.