Description

Improper authorization vulnerability in Special Interest Group Network for Analysis and Liaison versions 4.4.0 to 4.7.7 allows the authorized API users to view the attribute information of the poster that is set as"non-disclosure" in the system settings.

Related CPE's

a

jpcert

special_interest_group_network_for_analysis_and_liaison

Vulnerable

References

https://jvn.jp/en/jp/JVN83334799/

Third Party Advisory

https://www.jpcert.or.jp/press/2023/PR20230807_notice.html

Third Party Advisory

Weaknesses

[email protected]

Primary
NVD-CWE-Other

CVSS impact metrics

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

4.3 · Medium

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information

Source identifier

[email protected]

Vulnerability status

Analyzed

Published

2023-08-09T04:15:10.430

11 months ago

Last modified

2023-08-18T16:35:47.680

11 months ago