CVE-2019-16097

MEDIUM NUCLEI

Harbor 1.7.0-1.8.2 - Privilege Escalation

Description

core/api/user.go in Harbor 1.7.0 through 1.8.2 allows non-admin users to create admin accounts via the POST /api/users API when Harbor is set up with DB as the authentication backend and allows users to self-register. Fixed versions: v1.7.6, v1.8.3, v1.9.0. Workaround without applying the fix: configure Harbor to use a non-DB authentication backend such as LDAP.

Exploits (6)

nomisec WORKING POC 23 stars
by evilAdan0s · poc
https://github.com/evilAdan0s/CVE-2019-16097
nomisec WORKING POC 5 stars
by rockmelodies · poc
https://github.com/rockmelodies/CVE-2019-16097-batch
nomisec WORKING POC 2 stars
by luckybool1020 · poc
https://github.com/luckybool1020/CVE-2019-16097
nomisec WORKING POC 1 star
by dacade · poc
https://github.com/dacade/cve-2019-16097
nomisec WORKING POC
by theLSA · poc
https://github.com/theLSA/harbor-give-me-admin
nomisec WORKING POC
by ianxtianxt · poc
https://github.com/ianxtianxt/CVE-2019-16097

Nuclei Templates (1)

Harbor <=1.82.0 - Privilege Escalation
MEDIUM by pikpikcu
Shodan: http.favicon.hash:657337228
FOFA: icon_hash=657337228

Scores

CVSS v3 6.5
EPSS 0.9367
EPSS Percentile 99.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Details

CWE
CWE-862
Status published
Products (11)
goharbor/harbor 1.7.0 - 1.9.0-rc1 (Go)
linuxfoundation/harbor 1.7.0 (3 CPE variants)
linuxfoundation/harbor 1.7.1
linuxfoundation/harbor 1.7.2
linuxfoundation/harbor 1.7.3
linuxfoundation/harbor 1.7.4
linuxfoundation/harbor 1.7.5
linuxfoundation/harbor 1.8.0 (3 CPE variants)
linuxfoundation/harbor 1.8.1
linuxfoundation/harbor 1.8.2 (3 CPE variants)
... and 1 more
Published Sep 08, 2019
Tracked Since Feb 18, 2026