CVE-2026-10622 - Vulnerability Details - OpenCVE

Improper Authentication in REST API in Collibra Agent, allows a remote unauthenticated attacker to access privileged functionality via exposed '/rest/* endpoints.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

No data.

No data.

No data.

No data.

References

Link	Providers
https://kb.cert.org/vuls/id/873170
https://www.collibra.com/

History

Tue, 02 Jun 2026 14:15:00 +0000

Type	Values Removed	Values Added
Description		Improper Authentication in REST API in Collibra Agent, allows a remote unauthenticated attacker to access privileged functionality via exposed '/rest/* endpoints.
Title		CVE-2026-10622
References		https://kb.cert.org/vuls/id/873170 https://www.collibra.com/

MITRE

Status: PUBLISHED

Assigner: certcc

Published: 2026-06-02T14:01:06.148Z

Updated: 2026-06-02T14:01:06.148Z

Reserved: 2026-06-02T13:59:47.508Z

Link: CVE-2026-10622

Vulnrichment

No data.

NVD

Status : Awaiting Analysis

Published: 2026-06-02T14:16:45.100

Modified: 2026-06-02T14:46:17.280

Link: CVE-2026-10622

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-10622", "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b", "state": "PUBLISHED", "assignerShortName": "certcc", "dateReserved": "2026-06-02T13:59:47.508Z", "datePublished": "2026-06-02T14:01:06.148Z", "dateUpdated": "2026-06-02T14:01:06.148Z"}, "containers": {"cna": {"title": "CVE-2026-10622", "descriptions": [{"lang": "en", "value": "Improper Authentication in REST API in Collibra Agent, allows a remote unauthenticated attacker to access privileged functionality via exposed '/rest/* endpoints."}], "source": {"discovery": "UNKNOWN"}, "affected": [{"vendor": "Collibra", "product": "Collibra Platform (on-prem)", "versions": [{"status": "affected", "version": "2026.03", "lessThan": "2026.03.356", "versionType": "custom"}]}, {"vendor": "Collibra", "product": "Collibra Platform (on-prem)", "versions": [{"status": "affected", "version": "2025.10", "lessThan": "2025.10.399", "versionType": "custom"}]}, {"vendor": "Collibra", "product": "Collibra Platform (SaaS)", "versions": [{"status": "affected", "version": "2026.04", "lessThan": "2026.04.5", "versionType": "custom"}]}, {"vendor": "Collibra", "product": "Collibra Platform (SaaS)", "versions": [{"status": "affected", "version": "2026.03", "lessThan": "2026.03.4", "versionType": "custom"}]}, {"vendor": "Collibra", "product": "Collibra Platform (SaaS)", "versions": [{"status": "affected", "version": "2026.02", "lessThan": "2026.02.6", "versionType": "custom"}]}, {"vendor": "Collibra", "product": "Collibra Platform (SaaS)", "versions": [{"status": "affected", "version": "2025.11", "lessThan": "2025.11.7", "versionType": "custom"}]}, {"vendor": "Collibra", "product": "Collibra Platform (SaaS)", "versions": [{"status": "affected", "version": "2025.10", "lessThan": "2025.10.9", "versionType": "custom"}]}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-306 Missing Authentication for Critical Function"}]}, {"descriptions": [{"lang": "en", "description": "CWE-287 Improper Authentication"}]}], "references": [{"url": "https://www.collibra.com/"}, {"url": "https://kb.cert.org/vuls/id/873170"}], "x_generator": {"engine": "VINCE 3.0.42", "env": "prod", "origin": "https://cveawg.mitre.org/api/cve/CVE-2026-10622"}, "providerMetadata": {"orgId": "37e5125f-f79b-445b-8fad-9564f167944b", "shortName": "certcc", "dateUpdated": "2026-06-02T14:01:06.148Z"}}}}