Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 7:20 a.m.11 views

CVE-2024-23768

Dremio before 24.3.1 allows path traversal. An authenticated user who has no privileges on certain folders and the files and datasets in these folders can access these folders, files, and datasets. To be successful, the user must have access to the source and at least one folder in the source...

8.8CVSS6.7AI score0.00643EPSS
Exploits0References1
NVD
NVD
added 2024/01/22 3:15 a.m.25 views

CVE-2024-23768

Dremio before 24.3.1 allows path traversal. An authenticated user who has no privileges on certain folders and the files and datasets in these folders can access these folders, files, and datasets. To be successful, the user must have access to the source and at least one folder in the source...

8.8CVSS8.7AI score0.00643EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/01/22 12:0 a.m.4 views

CVE-2024-23768

Dremio before 24.3.1 allows path traversal. An authenticated user who has no privileges on certain folders and the files and datasets in these folders can access these folders, files, and datasets. To be successful, the user must have access to the source and at least one folder in the source...

8.8CVSS6.7AI score0.00643EPSS
Exploits0References1
CVE
CVE
added 2024/01/22 12:0 a.m.56 views

CVE-2024-23768

CVE-2024-23768 (Dremio) : Dremio before 24.3.1 suffers a path traversal flaw where an authenticated user with no privileges on certain folders plus access to the source and at least one folder can access restricted folders, files, and datasets. Affected versions are 24.0.0–24.3.0, 23.0.0–23.2.3, ...

8.8CVSS8.5AI score0.00643EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder