Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd551230f0-3615-47bd-b7cc-93e92e730bbfNVD:CVE-2023-49112
HistoryJun 20, 2024 - 1:15 p.m.

CVE-2023-49112

2024-06-2013:15:49
551230f0-3615-47bd-b7cc-93e92e730bbf
web.nvd.nist.gov
3
kiuwan
api
access control

0.0004 Low

EPSS

Percentile

9.1%

JSON

Kiuwan provides an API endpoint

/saas/rest/v1/info/application

to get information about any
application, providing only its name via the β€œapplication” parameter. This endpoint lacks proper access
control mechanisms, allowing other authenticated users to read
information about applications, even though they have not been granted
the necessary rights to do so.

This issue affects Kiuwan SAST: <master.1808.p685.q13371

Related

cvelist 1
cve 1
packetstorm 1
cvelist
cvelist
CVE-2023-49112 Insecure Direct Object Reference in Kiuwan SAST
2024-06-20 12:36:18
cve
cve
CVE-2023-49112
2024-06-20 13:15:49
packetstorm
packetstorm
Kiuwan Local Analyzer / SAST / SaaS XML Injection / XSS / IDOR
2024-06-10 00:00:00

0.0004 Low

EPSS

Percentile

9.1%

JSON
Related for NVD:CVE-2023-49112
cvelist1cve1packetstorm1