In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsLearn about Improper Authorization vulnerabilities in an interactive lesson.
Start learningUpgrade github.com/cockroachdb/cockroach/pkg/server
to version 19.1 or higher.
github.com/cockroachdb/cockroach/pkg/server is an open source, cloud-native SQL database.
Affected versions of this package are vulnerable to Improper Authorization. A non-admin authenticated user can call any admin endpoint, even if they should be admin-only operations, as long as the endpoint is visible over HTTP. It makes it possible for non-admin users to shut down a node or view SQL objects on which they have no permission.