Insufficient Access Control in LibreNMS Product by LibreNMS
CVE-2020-15877

8.8HIGH

Key Information:

Vendor: Librenms
Status: Librenms
Vendor: CVE Published:; 21 July 2020

What is CVE-2020-15877?

An issue found in LibreNMS versions prior to 1.65.1 reveals inadequate access control for standard users due to an incorrect implementation in route definitions. The vulnerability arises from using incorrect guard configurations, allowing unintended access to features meant solely for administrative users. It is crucial for organizations using affected versions to upgrade to version 1.65.1 or later to mitigate potential unauthorized access.