Browse all 4 CVE security advisories affecting Kron. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Kron is a workflow automation tool designed for IT operations and system management, primarily used for task scheduling and remote execution across distributed environments. Historically, Kron has been susceptible to multiple remote code execution vulnerabilities due to improper input validation and insecure deserialization, along with privilege escalation flaws through insufficient access controls. The tool has faced four publicly disclosed CVEs, including critical RCE issues in its configuration parsing and authentication mechanisms. While no major security incidents have been widely reported, the consistent pattern of vulnerabilities in input handling and permission management suggests potential risks in environments where Kron is deployed with elevated privileges or exposed to untrusted networks.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2021-44795 | Modifying User Permissions via Unauthorized Access in Single Connect — Single ConnectCWE-862 | 5.3 | Medium | 2022-01-27 |
| CVE-2021-44794 | Information Leakege via Unauthorized Access in Single Connect — Single ConnectCWE-862 | 5.3 | Medium | 2022-01-27 |
| CVE-2021-44793 | Information Leakege via Unauthorized Access in Single Connect — Single ConnectCWE-862 | 8.6 | High | 2022-01-27 |
| CVE-2021-44792 | Information Leakege via Unauthorized Access in Single Connect — Single ConnectCWE-862 | 5.3 | Medium | 2022-01-27 |
This page lists every published CVE security advisory associated with Kron. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.