An access control issue in Harbor allows attackers to access public and private image repositories without authentication. Successful exploitation of this vulnerability can lead to unauthorized access to sensitive data stored in Harbor.
Due to an access control flaw in Harbor, an unauthenticated attacker can access all information in public and private image repositories and pull images from a total of 331 repositories.
Unauthorized access to private repositories can expose proprietary application code and possibly hardcoded credentials or tokens within container images. It also allows an attacker to identify security vulnerabilities in outdated images.
Harbor version: 2.7.x
Impacted versions: Harbor v1.X.X to v2.5.3
This vulnerability has been addressed and fixed from 2.5.3 onwards.