exploitDog

GHSA-96c8-xgpw-cf29

Опубликовано: 13 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 5.3

Описание

An issue was discovered in Vaultize Enterprise File Sharing 17.05.31. There is improper authorization when listing the history of another user via a modified "vaultize_session_id" value in a cookie.

An issue was discovered in Vaultize Enterprise File Sharing 17.05.31. There is improper authorization when listing the history of another user via a modified "vaultize_session_id" value in a cookie.

Ссылки

EPSS

Процентиль: 43%

0.00206

Низкий

5.3 Medium

CVSS3

CVE ID

Дефекты

CWE-639

Связанные уязвимости

CVE-2018-10211

CVSS3: 5.3

nvd

почти 8 лет назад

An issue was discovered in Vaultize Enterprise File Sharing 17.05.31. There is improper authorization when listing the history of another user via a modified "vaultize_session_id" value in a cookie.

EPSS

Процентиль: 43%

0.00206

Низкий

5.3 Medium

CVSS3

CVE ID

Дефекты

CWE-639