2 matches found
CVE-2023-33796
A vulnerability in Netbox v3.5.1 allows unauthenticated attackers to execute queries against the GraphQL database, granting them access to sensitive data stored in the database. NOTE: the vendor disputes this because the reporter's only query was for the schema of the API, which is public; querie...
CVE-2023-33796
CVE-2023-33796 concerns NetBox v3.5.1, where unauthenticated attackers could issue queries against the GraphQL database and potentially access sensitive data. The core issue is described as a GraphQL access/permission gap that could expose data stored in the NetBox GraphQL layer; vendor disputes ...