Lucene search
K

12 matches found

NVD
NVD
added 2026/06/12 8:16 p.m.12 views

CVE-2026-54357

An improper authorization vulnerability in MISP allowed an authenticated organization administrator to access or modify user settings belonging to site administrator accounts within the same organization. The affected access-control checks scoped administrative actions by organization membership...

5.1CVSS0.00254EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/12 7:25 p.m.13 views

CVE-2026-54357 MISP improper authorization allows organization administrators to modify site administrator user settings

An improper authorization vulnerability in MISP allowed an authenticated organization administrator to access or modify user settings belonging to site administrator accounts within the same organization. The affected access-control checks scoped administrative actions by organization membership...

5.1CVSS5.3AI score0.00254EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/12 7:25 p.m.32 views

CVE-2026-54357 MISP improper authorization allows organization administrators to modify site administrator user settings

An improper authorization vulnerability in MISP allowed an authenticated organization administrator to access or modify user settings belonging to site administrator accounts within the same organization. The affected access-control checks scoped administrative actions by organization membership...

5.1CVSS0.00254EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/12 7:25 p.m.8 views

EUVD-2026-36549

An improper authorization vulnerability in MISP allowed an authenticated organization administrator to access or modify user settings belonging to site administrator accounts within the same organization. The affected access-control checks scoped administrative actions by organization membership...

5.1CVSS5.2AI score0.00254EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.15 views

PT-2026-48966

Name of the Vulnerable Software and Affected Versions MISP affected versions not specified Description An improper authorization issue allows an authenticated organization administrator to access or modify user settings of site administrator accounts within the same organization. This occurs...

5.1CVSS5.1AI score0.00254EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/22 6:32 p.m.7 views

CVE-2021-3183

Files.com Fat Client 3.3.6 allows authentication bypass because the client continues to have access after a logout and a removal of a login profile...

7.5CVSS7.2AI score0.01246EPSS
Exploits0References1
OSV
OSV
added 2022/05/14 3:29 a.m.11 views

GHSA-R48H-JR2J-9G78 HashiCorp Terraform Amazon Web Services (AWS) uses an insecure PRNG

aws/resourceawsiamuserloginprofile.go in the HashiCorp Terraform Amazon Web Services AWS provider through v1.12.0 has an inappropriate PRNG algorithm and seeding, which makes it easier for remote attackers to obtain access by leveraging an IAM account that was provisioned with a weak password...

9.8CVSS9.3AI score0.02038EPSS
Exploits0References7
Github Security Blog
Github Security Blog
added 2022/05/14 3:29 a.m.21 views

HashiCorp Terraform Amazon Web Services (AWS) uses an insecure PRNG

aws/resourceawsiamuserloginprofile.go in the HashiCorp Terraform Amazon Web Services AWS provider through v1.12.0 has an inappropriate PRNG algorithm and seeding, which makes it easier for remote attackers to obtain access by leveraging an IAM account that was provisioned with a weak password...

9.8CVSS7.1AI score0.02038EPSS
Exploits0References7Affected Software1
NVD
NVD
added 2021/01/19 3:15 p.m.20 views

CVE-2021-3183

Files.com Fat Client 3.3.6 allows authentication bypass because the client continues to have access after a logout and a removal of a login profile...

7.5CVSS7.7AI score0.01246EPSS
Exploits0References1
OSV
OSV
added 2021/01/19 3:15 p.m.4 views

CVE-2021-3183

Files.com Fat Client 3.3.6 allows authentication bypass because the client continues to have access after a logout and a removal of a login profile...

7.5CVSS7.1AI score0.01246EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/01/19 2:58 p.m.21 views

CVE-2021-3183

Files.com Fat Client 3.3.6 allows authentication bypass because the client continues to have access after a logout and a removal of a login profile...

7.9AI score0.01246EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2018/03/27 6:29 p.m.3 views

CVE-2018-9057

aws/resourceawsiamuserloginprofile.go in the HashiCorp Terraform Amazon Web Services AWS provider through v1.12.0 has an inappropriate PRNG algorithm and seeding, which makes it easier for remote attackers to obtain access by leveraging an IAM account that was provisioned with a weak password...

9.8CVSS5.6AI score0.02038EPSS
Exploits0References2
Rows per page
Query Builder