Critical Vulnerability in Harbor Enables Privilege Escalation from Zero to Admin (CVE-2019-16097)
Aviv Sasson, a security researcher from the cloud division of Unit 42, has identified a critical vulnerability in a widespread cloud native registry called Harbor. The vulnerability allows attackers to take over Harbor registries by sending them a malicious request. The maintainers of Harbor released a patch that closes this critical security hole. Versions 1.7.6 and 1.8.3 include this fix. Unit 42 has found 1,300 Harbor registries open to the internet with vulnerable default settings, which are currently at risk until they’re updated.
Copy and paste this URL into your WordPress site to embed
Copy and paste this code into your site to embed