Lucene search
K

6 matches found

Snyk
Snyk
added 2026/06/05 7:45 a.m.7 views

Insufficient Granularity of Access Control

Overview org.keycloak:keycloak-services is an open source identity and access management solution for modern applications and services. Affected versions of this package are vulnerable to Insufficient Granularity of Access Control in the getMembers methods that serve the group members endpoint. A...

5.1CVSS5.4AI score0.00348EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/04/14 6:57 a.m.4 views

CVE-2025-32093 Syatem admin profile modification by delegated granular administration role

Mattermost versions 10.5.x = 10.5.1, 10.4.x = 10.4.3, 9.11.x = 9.11.9 fail to restrict certain operations on system admins to only other system admins, which allows delegated granular administration users with the "Edit Other Users" permission to perform unauthorized modifications to system...

4.7CVSS6.8AI score0.00216EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/14 6:57 a.m.34 views

CVE-2025-32093 Syatem admin profile modification by delegated granular administration role

Mattermost versions 10.5.x = 10.5.1, 10.4.x = 10.4.3, 9.11.x = 9.11.9 fail to restrict certain operations on system admins to only other system admins, which allows delegated granular administration users with the "Edit Other Users" permission to perform unauthorized modifications to system...

4.7CVSS0.00216EPSS
Exploits0References1
Microsoft Secure
Microsoft Secure
added 2021/11/22 6:0 p.m.28 views

How to investigate service provider trust chains in the cloud

In a recent Microsoft blog post, we documented technical guidance for organizations to protect themselves from the latest NOBELIUM activity that was found to target technology service providers, which are privileged in their downstream customer tenants, as a method to gain access to their...

7.3AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2021/11/22 6:0 p.m.28 views

How to investigate service provider trust chains in the cloud

In a recent Microsoft blog post, we documented technical guidance for organizations to protect themselves from the latest NOBELIUM activity that was found to target technology service providers, which are privileged in their downstream customer tenants, as a method to gain access to their...

7.3AI score
Exploits0
Akamai Blog
Akamai Blog
added 2018/12/20 7:37 p.m.82 views

New Delegated Administration feature in Enterprise Threat Protector

Managing security configurations for large organizations with locations scattered around the world can be challenging. Likewise, some businesses have multiple operating divisions that are separate entities but all use the same IT infrastructure. As an IT leader, you likely want to have consistenc...

1.4AI score
Exploits0
Rows per page
Query Builder