pulpcore: RBAC permissions incorrectly assigned in tasks that create objects

A flaw was found in the Pulp package. When a role-based access control RBAC object in Pulp is set to assign permissions on its creation, it uses the AutoAddObjPermsMixin typically the addrolesforobjectcreator method. This method finds the object creator by checking the current authenticated user...

CVE-2024-7143 Pulpcore: rbac permissions incorrectly assigned in tasks that create objects

A flaw was found in the Pulp package. When a role-based access control RBAC object in Pulp is set to assign permissions on its creation, it uses the AutoAddObjPermsMixin typically the addrolesforobjectcreator method. This method finds the object creator by checking the current authenticated user...

PT-2024-3070

Name of the Vulnerable Software and Affected Versions Check Point ZoneAlarm Extreme Security NextGen affected versions not specified Check Point Identity Agent for Windows affected versions not specified Check Point Identity Agent for Windows Terminal Server affected versions not specified...

HYPR 安全漏洞

HYPR is a security application that implements password-less security from HYPR, Inc. A security vulnerability exists in HYPR Workforce Access that stems from a misassignment of permissions on its critical resources can lead to authentication abuse...

MediaTek 多款产品安全漏洞

MediaTek Mt Series is a series of smartphone chips from China's MediaTek Corporation MediaTek. A security vulnerability exists in several MediaTek products, which stems from an incorrect assignment of permissions in the ims service, which may result in unexpected application behavior. The followi...

QSAN Storage Manager 授权问题漏洞

QSAN Storage Manager is a NAS operating system from Quantium Technologies Incorporated QSAN. An authorization issue vulnerability exists in QSAN Storage Manager prior to version 3.3.1 build 202101041800, which stems from the product misassigning permissions on critical resource management and can...