Lucene search
+L

6 matches found

RedhatCVE
RedhatCVE
added 2025/02/20 12:25 a.m.7 views

CVE-2024-56883

Sage DPW before 202412001 is vulnerable to Incorrect Access Control. The implemented role-based access controls are not always enforced on the server side. Low-privileged Sage users with employee role privileges can create external courses for other employees, even though they do not have the...

8.1CVSS6.8AI score0.00701EPSS
Exploits1References1
Circl
Circl
added 2025/02/18 6:16 p.m.8 views

CVE-2024-56883

creationtimestamp| type| source ---|---|--- 2025-02-18 18:16:15+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lihulijfvf2n 2025-02-18 20:59:49+00:00| seen| https://t.me/cvedetector/18350 2025-02-18 21:56:16+00:00| seen|...

8.1CVSS4.8AI score0.00701EPSS
Exploits1References4
NVD
NVD
added 2025/02/18 6:15 p.m.13 views

CVE-2024-56883

Sage DPW before 202412001 is vulnerable to Incorrect Access Control. The implemented role-based access controls are not always enforced on the server side. Low-privileged Sage users with employee role privileges can create external courses for other employees, even though they do not have the...

8.1CVSS0.00701EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/02/18 12:0 a.m.6 views

CVE-2024-56883

Sage DPW before 202412001 is vulnerable to Incorrect Access Control. The implemented role-based access controls are not always enforced on the server side. Low-privileged Sage users with employee role privileges can create external courses for other employees, even though they do not have the...

8.1AI score0.00701EPSS
Exploits1References1
CVE
CVE
added 2025/02/18 12:0 a.m.54 views

CVE-2024-56883

CVE-2024-56883 affects Sage DPW prior to 2024_12_001. The issue is improper server-side access control: RBAC is not consistently enforced, allowing low-privilege employee-role users to create external courses for others by tampering the id parameter in a create request. Impact is elevated access ...

8.1CVSS7AI score0.00701EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2025/02/18 12:0 a.m.12 views

CVE-2024-56883

Sage DPW before 202412001 is vulnerable to Incorrect Access Control. The implemented role-based access controls are not always enforced on the server side. Low-privileged Sage users with employee role privileges can create external courses for other employees, even though they do not have the...

0.00701EPSS
Exploits1References1
Rows per page
Query Builder