An issue discovered in Egerie Risk Manager v4.0.5 allows attackers to bypass the signature mechanism and tamper with the values inside the JWT payload resulting in privilege escalation.
References
Link | Resource |
---|---|
https://github.com/post-cyberlabs/CVE-Advisory/blob/main/CVE-2023-27001.pdf | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2024-02-08T00:00:00
Updated: 2024-02-08T21:16:43.292786
Reserved: 2023-02-27T00:00:00
Link: CVE-2023-27001
JSON object: View
NVD Information
Status : Analyzed
Published: 2024-02-08T22:15:08.463
Modified: 2024-02-15T16:01:02.183
Link: CVE-2023-27001
JSON object: View
Redhat Information
No data.
CWE