exploitDog

CVE-2019-9943

Опубликовано: 17 июн. 2020

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

In ome.services.graphs.GraphTraversal.findObjectDetails in Open Microscopy Environment OMERO.server 5.1.0 through 5.6.0, permissions on OMERO model objects may be circumvented during certain operations such as move and delete, because group permissions are mishandled.

Ссылки

https://www.openmicroscopy.org/security/advisories/2019-SV2/
Vendor Advisory
https://www.openmicroscopy.org/security/advisories/2019-SV2/
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:openmicroscopy:omero.server:*:*:*:*:*:*:*:*

Версия от 5.1.0 (включая) до 5.6.0 (включая)

EPSS

Процентиль: 35%

0.00148

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-276

Связанные уязвимости

GHSA-xj63-cgcm-5qj2

github

больше 3 лет назад

In ome.services.graphs.GraphTraversal.findObjectDetails in Open Microscopy Environment OMERO.server 5.1.0 through 5.6.0, permissions on OMERO model objects may be circumvented during certain operations such as move and delete, because group permissions are mishandled.

EPSS

Процентиль: 35%

0.00148

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-276