EUVD-2023-54814

Malicious code in bioql PyPI...

CVE-2023-4984

A vulnerability was found in didi KnowSearch 0.3.2/0.3.1.2. It has been rated as problematic. This issue affects some unknown processing of the file /api/es/admin/v3/security/user/1. The manipulation leads to unprotected storage of credentials. The attack may be initiated remotely. The exploit ha...

Authentication flaw

A vulnerability was found in didi KnowSearch 0.3.2/0.3.1.2. It has been rated as problematic. This issue affects some unknown processing of the file /api/es/admin/v3/security/user/1. The manipulation leads to unprotected storage of credentials. The attack may be initiated remotely. The exploit ha...

CVE-2023-4984

CVE-2023-4984 affects didi KnowSearch versions 0.3.2 and 0.3.1.2. The root issue is processing in the API endpoint "/api/es/admin/v3/security/user/1" that leads to unprotected storage of credentials. The vulnerability can be triggered remotely, and the exploit has been disclosed publicly. Affecte...

DiDi KnowSearch Security Breach

DiDi KnowSearch is a zero-intrusion, multi-tenant Elasticsearch GUI control platform built around clustering and indexing for Elasticsearch R&D and O&M staff at China's DiDi. A security vulnerability exists in didi KnowSearch versions 0.3.2 and 0.3.1.2, which stems from certain unknown processing...

PT-2023-31387 · Unknown · Didi Knowsearch

Name of the Vulnerable Software and Affected Versions: didi KnowSearch versions 0.3.1.2 through 0.3.2 Description: A vulnerability was found in didi KnowSearch, affecting some unknown processing of the file "/api/es/admin/v3/security/user/1". This issue leads to unprotected storage of credentials...