Lucene search
K

4 matches found

Veracode
Veracode
added 2024/08/26 9:56 a.m.12 views

Improper Access Control

github.com/mattermost/mattermost-server is vulnerable to Improper Access Control. The vulnerability is caused due to a failure to enforce proper access controls which allows any authenticated user, including guests, to mark any channel inside any team as read for any user...

4.3CVSS6.5AI score0.00244EPSS
Exploits0References1Affected Software1
Veracode
Veracode
added 2024/07/12 6:59 a.m.18 views

Authentication Bypass

github.com/nats-io/nats-server is vulnerable to Authentication bypass. The vulnerability is due to a failure to enforce negative user permissions in one scenario. Attackers can exploit this by using a queue subscription on the wildcard to access denied subjects...

6.3CVSS6.6AI score0.00478EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2017/03/23 8:59 p.m.26 views

CVE-2013-6446

The JobHistory Server in Cloudera CDH 4.x before 4.6.0 and 5.x before 5.0.0 Beta 2, when using MRv2/YARN with HTTP authentication, allows remote authenticated users to obtain sensitive job information by leveraging failure to enforce job ACLs...

3.5CVSS3.5AI score0.00875EPSS
Exploits0References2
Cvelist
Cvelist
added 2017/03/23 8:0 p.m.27 views

CVE-2013-6446

The JobHistory Server in Cloudera CDH 4.x before 4.6.0 and 5.x before 5.0.0 Beta 2, when using MRv2/YARN with HTTP authentication, allows remote authenticated users to obtain sensitive job information by leveraging failure to enforce job ACLs...

3.5AI score0.00875EPSS
Exploits0References2
Rows per page
Query Builder