CVE-2024-23685

Hard-coded credentials in mod-remote-storage versions under 1.7.2 and from 2.0.0 to 2.0.3 allows unauthorized users to gain read access to mod-inventory-storage records including instances, holdings, items, contributor-types, and identifier-types...

GHSA-HV5G-Q4H3-64Q4 Duplicate Advisory: Hard-coded credentials in org.folio:mod-remote-storage

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-m8v7-469p-5x89. This link is maintained to preserve external references. Original Description Hard-coded credentials in mod-remote-storage versions under 1.7.2 and from 2.0.0 to 2.0.3 allows unauthorized users t...

Duplicate Advisory: Hard-coded credentials in org.folio:mod-remote-storage

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-m8v7-469p-5x89. This link is maintained to preserve external references. Original Description Hard-coded credentials in mod-remote-storage versions under 1.7.2 and from 2.0.0 to 2.0.3 allows unauthorized users t...

CVE-2024-23685

Hard-coded credentials in mod-remote-storage versions under 1.7.2 and from 2.0.0 to 2.0.3 allows unauthorized users to gain read access to mod-inventory-storage records including instances, holdings, items, contributor-types, and identifier-types...

CVE-2024-23685

Hard-coded credentials in mod-remote-storage versions under 1.7.2 and from 2.0.0 to 2.0.3 allows unauthorized users to gain read access to mod-inventory-storage records including instances, holdings, items, contributor-types, and identifier-types...

Hardcoded credentials

Hard-coded credentials in mod-remote-storage versions under 1.7.2 and from 2.0.0 to 2.0.3 allows unauthorized users to gain read access to mod-inventory-storage records including instances, holdings, items, contributor-types, and identifier-types...

CVE-2024-23685 FOLIO mod-remote-storage Hard Coded Credentials

Hard-coded credentials in mod-remote-storage versions under 1.7.2 and from 2.0.0 to 2.0.3 allows unauthorized users to gain read access to mod-inventory-storage records including instances, holdings, items, contributor-types, and identifier-types...

CVE-2024-23685

CVE-2024-23685 affects the Folio project’s mod-remote-storage, with hard-coded credentials in versions before 1.7.2 and 2.0.0–2.0.3. The root cause allows unauthorized readers to access mod-inventory-storage records (instances, holdings, items, contributor-types, identifier-types). The Red Hat an...

mod-remote-storage Trust Management Issue Vulnerability

mod-remote-storage is a FOLIO open source backend module for remote storage. A security vulnerability exists in mod-remote-storage versions prior to 1.7.2 and versions 2.0.0 through 2.0.3, which stems from the use of hard-coded credentials. An attacker can exploit the vulnerability to read access...

Hard-coded System User Credentials in Folio Data Export Spring module

Impact The module creates a system user that is used to perform internal module-to-module operations. Credentials for this user are hard-coded in the source code. This makes it trivial to authenticate as this user, allowing unauthorized read access to these mod-inventory-storage records: instance...

PT-2023-32947 · Unknown · Mod-Inventory-Storage +1

Name of the Vulnerable Software and Affected Versions: mod-remote-storage versions under 1.7.2 mod-remote-storage versions 2.0.0 through 2.0.3 Description: The issue concerns hard-coded credentials in the mod-remote-storage module, allowing unauthorized users to gain read access to...