Intrusion Prevention

Harbor.Project.Harbor.user.API.Privilege.Escalation

Description

This indicates an attack attempt to exploit a Privilege Escatlation Vulnerability in Harbor project Harbor.
A remote attacker could exploit this vulnerability by sending an API request with a crafted JSON payload. Successful exploitation of this vulnerability could allow the attacker to create users with admin privileges.

Affected Products

Harbor project Harbor prior to 1.7.6
Harbor project Harbor prior to 1.8.3

Impact

Privilege Escalation: Remote attackers can leverage their privileges on vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
https://github.com/goharbor/harbor/commit/b6db8a8a106259ec9a2c48be8a380cb3b37cf517

CVE References

CVE-2019-16097