Improper Authorization
CVE-2018-3778
Summary
Improper authorization in aedes version <0.35.0 will publish a LWT in a channel when a client is not authorized.
- LOW
- NETWORK
- LOW
- UNCHANGED
- NONE
- NONE
- NONE
- NONE
CWE-285 - Improper Authorization
The software does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.
Advisory Timeline
- Published
