Lucene search
CVE-2024-36112
CVE-2024-36112 NVD
Show more
| Reporter | Title | Published | Views | Family All 8 |
|---|---|---|---|---|
 | Improper Authorization | 30 May 202406:49 | – | veracode |
 | PYSEC-2024-166 | 28 May 202423:15 | – | osv |
| GHSA-QMJF-WC2H-6X3Q Nautobot dynamic-group-members doesn't enforce permission restrictions on member objects | 29 May 202418:40 | – | osv |
| CVE-2024-36112 | 28 May 202423:15 | – | osv |
 | CVE-2024-36112 | 28 May 202423:15 | – | nvd |
 | CVE-2024-36112 Nautobot dynamic-group-members doesn't enforce permission restrictions on member objects | 28 May 202422:26 | – | cvelist |
 | CVE-2024-36112 Nautobot dynamic-group-members doesn't enforce permission restrictions on member objects | 28 May 202422:26 | – | vulnrichment |
 | Nautobot dynamic-group-members doesn't enforce permission restrictions on member objects | 29 May 202418:40 | – | github |
[
{
"vendor": "nautobot",
"product": "nautobot",
"versions": [
{
"version": ">= 1.3.0, < 1.6.23",
"status": "affected"
},
{
"version": ">= 2.0.0, < 2.2.5",
"status": "affected"
}
]
}
]| Parameter | Position | Path | Description | CWE |
|---|---|---|---|---|
| <uuid> | path | /extras/dynamic-groups/<uuid>/ | Lack of permission checks allows users to view Dynamic Group details without necessary permissions. | CWE-755, CWE-280 |
| <uuid> | path | /api/extras/dynamic-groups/<uuid>/members/ | Lack of permission checks allows users to view members of a Dynamic Group without necessary permissions. | CWE-755, CWE-280 |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo28 May 2024 23:15Current
6.2Medium risk
Vulners AI Score6.2
CVSS36.3
EPSS0.00094
SSVC