Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 3:27 a.m.7 views

CVE-2023-32060

DHIS2 Core contains the service layer and Web API for DHIS2, an information system for data capture. Starting in the 2.35 branch and prior to versions 2.36.13, 2.37.8, 2.38.2, and 2.39.0, when the Category Option Combination Sharing settings are configured to control access to specific tracker...

6.5CVSS6.6AI score0.00515EPSS
Exploits0References1
Circl
Circl
added 2023/05/09 6:43 p.m.7 views

CVE-2023-32060

creationtimestamp| type| source ---|---|--- 2023-05-09 18:43:43+00:00| seen| https://t.me/cibsecurity/63624...

6.5CVSS6.3AI score0.00515EPSS
Exploits0References1
NVD
NVD
added 2023/05/09 3:15 p.m.30 views

CVE-2023-32060

DHIS2 Core contains the service layer and Web API for DHIS2, an information system for data capture. Starting in the 2.35 branch and prior to versions 2.36.13, 2.37.8, 2.38.2, and 2.39.0, when the Category Option Combination Sharing settings are configured to control access to specific tracker...

6.5CVSS6.3AI score0.00515EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/05/09 2:54 p.m.9 views

CVE-2023-32060 DHIS2 Core Improper Access Control with Category Option Combination sharing in /api/trackedEntityInstance and /api/events

DHIS2 Core contains the service layer and Web API for DHIS2, an information system for data capture. Starting in the 2.35 branch and prior to versions 2.36.13, 2.37.8, 2.38.2, and 2.39.0, when the Category Option Combination Sharing settings are configured to control access to specific tracker...

6.5CVSS6.3AI score0.00515EPSS
Exploits0References1
CVE
CVE
added 2023/05/09 2:54 p.m.53 views

CVE-2023-32060

CVE-2023-32060 affects DHIS2 Core from the 2.35 branch prior to fixes: versions 2.36.13, 2.37.8, 2.38.2, and 2.39.0. The issue is an improper access control for Category Option Combination Sharing that can cause the API endpoints /trackedEntityInstances and /events to return all events regardless...

6.5CVSS6.3AI score0.00515EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/05/09 2:54 p.m.32 views

CVE-2023-32060 DHIS2 Core Improper Access Control with Category Option Combination sharing in /api/trackedEntityInstance and /api/events

DHIS2 Core contains the service layer and Web API for DHIS2, an information system for data capture. Starting in the 2.35 branch and prior to versions 2.36.13, 2.37.8, 2.38.2, and 2.39.0, when the Category Option Combination Sharing settings are configured to control access to specific tracker...

6.5CVSS6.5AI score0.00515EPSS
Exploits0References1
OSV
OSV
added 2023/05/09 2:54 p.m.28 views

CVE-2023-32060 DHIS2 Core Improper Access Control with Category Option Combination sharing in /api/trackedEntityInstance and /api/events

DHIS2 Core contains the service layer and Web API for DHIS2, an information system for data capture. Starting in the 2.35 branch and prior to versions 2.36.13, 2.37.8, 2.38.2, and 2.39.0, when the Category Option Combination Sharing settings are configured to control access to specific tracker...

6.5CVSS6.3AI score0.00515EPSS
Exploits0References3
Rows per page
Query Builder