Authorization

2023-08-0904:15:00

PRIOn knowledge base

www.prio-n.com

authorization

vulnerability

sig network

information disclosure

4.4 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

14.2%

JSON

Improper authorization vulnerability in Special Interest Group Network for Analysis and Liaison versions 4.4.0 to 4.7.7 allows the authorized API users to view the organization information of the information receiver that is set as “non-disclosure” in the information provision operation.

CPENameOperatorVersion
special_interest_group_network_for_analysis_and_liaisonge4.4.0
special_interest_group_network_for_analysis_and_liaisonle4.7.7

CPE	Name	Operator	Version
	special_interest_group_network_for_analysis_and_liaison	ge	4.4.0
	special_interest_group_network_for_analysis_and_liaison	le	4.7.7

References

jvn.jp/en/jp/JVN83334799/

www.jpcert.or.jp/press/2023/PR20230807_notice.html