High severity7.5NVD Advisory· Published Dec 6, 2022· Updated Jun 17, 2026
CVE-2022-44009
CVE-2022-44009
Description
Improper access control in Key-Value RBAC in StackStorm version 3.7.0 didn't check the permissions in Jinja filters, allowing attackers to access K/V pairs of other users, potentially leading to the exposure of sensitive Information.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- StackStorm/StackStormdescription
- Range: <3.7.0
Patches
Vulnerability mechanics
References
1- stackstorm.com/2022/12/v3-8-0-released/nvdVendor Advisory
News mentions
0No linked articles in our index yet.