exploitDog

CVE-2024-25653

Опубликовано: 14 мар. 2024

Источник: nvd

CVSS3: 4.3

EPSS Низкий

Описание

Broken Access Control in the Report functionality of Delinea PAM Secret Server 11.4 allows unprivileged users, when Unlimited Admin Mode is enabled, to view system reports and modify custom reports via the Report functionality in the Web UI.

Ссылки

https://www.cvcn.gov.it/cvcn/cve/CVE-2024-25653
Third Party Advisory
US Government Resource
https://www.cvcn.gov.it/cvcn/cve/CVE-2024-25653
Third Party Advisory
US Government Resource

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:delinea:secret_server:11.4.000000:*:*:*:on-premises:*:*:*

EPSS

Процентиль: 21%

0.00069

Низкий

4.3 Medium

CVSS3

Дефекты

CWE-284

Связанные уязвимости

GHSA-mxm2-h8f8-cg3h

CVSS3: 4.3

github

почти 2 года назад

Broken Access Control in the Report functionality of Delinea PAM Secret Server 11.4 allows unprivileged users, when Unlimited Admin Mode is enabled, to view system reports and modify custom reports via the Report functionality in the Web UI.

EPSS

Процентиль: 21%

0.00069

Низкий

4.3 Medium

CVSS3

Дефекты

CWE-284