exploitDog

GHSA-v83x-p7cq-9755

Опубликовано: 29 июн. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 6.5

Описание

Marval MSM v14.19.0.12476 is has an Insecure Direct Object Reference (IDOR) vulnerability. A low privilege user is able to see other users API Keys including the Admins API Keys.

Marval MSM v14.19.0.12476 is has an Insecure Direct Object Reference (IDOR) vulnerability. A low privilege user is able to see other users API Keys including the Admins API Keys.

Ссылки

EPSS

Процентиль: 54%

0.00317

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-639

Связанные уязвимости

CVE-2022-31883

CVSS3: 8.8

nvd

больше 3 лет назад

Marval MSM v14.19.0.12476 is has an Insecure Direct Object Reference (IDOR) vulnerability. A low privilege user is able to see other users API Keys including the Admins API Keys.

EPSS

Процентиль: 54%

0.00317

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-639