Back to overview

CVE-2026-57855

HIGH
8.8
CVSS 3.1
Description
Cockpit CMS contains a missing authorization vulnerability in the Bucket file storage API (/system/buckets/api). The api() method in modules/System/Controller/Buckets.php executes bucket commands (ls, upload, removefiles, rename, createfolder) without performing any ACL or role check. Any authenticated user, regardless of role, can perform all bucket operations on any named bucket, including buckets intended for admin use only.

Metadata

CVE ID
CVE-2026-57855
State
PUBLISHED
Assigner
VulnCheck
Reserved
2026-06-25 18:48 UTC
Published
2026-07-13 22:33 UTC
Last updated
2026-07-13 22:33 UTC
Primary CWE
CWE-284
Improper Access Control
Vendor / Product
Cockpit HQ / Cockpit CMS
Sources
cve.org  ·  NVD

Severity & Metrics

8.8 HIGH CVSS 3.1
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected products (1)
VendorProductPlatformVersions
Cockpit HQ Cockpit CMS 0 < 2.14.0
Weakness (CWE)
CWESourceDescription
CWE-284 cna Improper Access Control
CVSS scores (2)
ScoreSeverityVersionSourceVector
8.8 HIGH 3.1 cna CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.7 HIGH 4.0 cna CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Back to overview