Описание
Kiteworks is a private data network (PDN). Prior to version 9.1.0, improper input validation when managing roles of a shared folder could lead to unexpectedly elevate another user's permissions on the share. This issue has been patched in version 9.1.0.
Ссылки
- PatchThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 9.1.0 (исключая)
cpe:2.3:a:accellion:kiteworks:*:*:*:*:*:*:*:*
EPSS
Процентиль: 20%
0.00063
Низкий
6.3 Medium
CVSS3
8.8 High
CVSS3
Дефекты
CWE-20
NVD-CWE-noinfo
EPSS
Процентиль: 20%
0.00063
Низкий
6.3 Medium
CVSS3
8.8 High
CVSS3
Дефекты
CWE-20
NVD-CWE-noinfo