Fortify Software Security Center (SSC) 17.10/17.20/18.10 - Information Disclosure

Exploit for multiple platform in category web applications Details ================ Software: Fortify SSC Software Security Center Version: 17.10, 17.20 & 18.10 Homepage: https://www.microfocus.com Advisory report: https://github.com/alt3kx/CVE-2018-7690 CVE: CVE-2018-7690 CVSS: 6.5 Medium;...

Fortify Software Security Center (SSC) 17.10/17.20/18.10 - Information Disclosure

Details ================ Software: Fortify SSC Software Security Center Version: 17.10, 17.20 & 18.10 Homepage: https://www.microfocus.com Advisory report: https://github.com/alt3kx/CVE-2018-7690 CVE: CVE-2018-7690 CVSS: 6.5 Medium; AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CWE-639 Description...

CVE-2018-7690

Fortify Software Security Center (SSC) REST-API for Fortify SSC versions 17.10, 17.20 and 18.10 contains an insecure direct object references (IDOR) vulnerability. The issue allows remote authenticated (view-only) users to read arbitrary details of other users’ Fortify projects via GET requests t...

CVE-2018-7690

creationtimestamp| type| source ---|---|--- 2018-12-13 04:46:18+00:00| published-proof-of-concept| https://t.me/defconnews/290 2018-12-14 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/45989...