An access control vulnerability was found, due to the restrictions that are applied on actual assertions not being enforced in their debug functionality.
An authenticated user with reduced visibility can obtain unauthorized information via the debug functionality, obtaining data that would normally be not accessible in the Query and Assertions functions.
References
Link | Resource |
---|---|
https://security.nozominetworks.com/NN-2023:5-01 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: Nozomi
Published: 2023-08-09T08:54:27.616Z
Updated: 2024-06-05T18:59:19.087Z
Reserved: 2023-01-24T10:39:24.296Z
Link: CVE-2023-24471
JSON object: View
NVD Information
Status : Modified
Published: 2023-08-09T09:15:13.860
Modified: 2024-05-28T13:15:09.460
Link: CVE-2023-24471
JSON object: View
Redhat Information
No data.
CWE