Ampache Improper Access Control Vulnerability - CVE-2021-21399 - Vulnerability Database

Ampache Improper Access Control Vulnerability - CVE-2021-21399

High
Reference: CVE-2021-21399
Title: Ampache Improper Access Control Vulnerability
Overview:

Ampache is a web based audio/video streaming application and file manager. Versions prior to 4.4.1 allow unauthenticated access to Ampache using the subsonic API. To successfully make the attack you must use a username that is not part of the site to bypass the auth checks. For more details and workaround guidance see the referenced GitHub security advisory.