Sherpa Orchestrator Privilege Escalation Vulnerability

Vulnerability

A privilege escalation vulnerability has been identified in Sherpa Orchestrator version 141851. It allows low-privileged users to elevate their privileges by creating new users and roles. The vulnerability arises from inadequate validation of user permissions for most application requests, which lets users manipulate access control without authorization.

Impact

Exploitation of this vulnerability allows low-privileged users to gain elevated privileges, potentially leading to unauthorized access or actions within the application.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 5.0
exploitability: 5.2
remediation: 0.0
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.