3 matches found
CVE-2026-24748
Kargo manages and automates the promotion of software artifacts. Prior to versions 1.8.7, 1.7.7, and 1.6.3, a bug was found with authentication checks on the GetConfig API endpoint. This allowed unauthenticated users to access this endpoint by specifying an Authorization header with any non-empty...
CVE-2026-24748 Kargo's `GetConfig()` and `RefreshResource()` API endpoints allow unauthenticated access
Kargo manages and automates the promotion of software artifacts. Prior to versions 1.8.7, 1.7.7, and 1.6.3, a bug was found with authentication checks on the GetConfig API endpoint. This allowed unauthenticated users to access this endpoint by specifying an Authorization header with any non-empty...
PT-2023-4951 · Triangle Microworks · Scada Data Gateway
Name of the Vulnerable Software and Affected Versions: Triangle MicroWorks SCADA Data Gateway affected versions not specified Description: This issue allows remote attackers to disclose sensitive information on affected installations due to missing authentication. The specific flaw exists within...