Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 10:24 a.m.4 views

CVE-2024-38446

NATO NCI ANET 3.4.1 mishandles report ownership. A user can create a report and, despite the restrictions imposed by the UI, change the author of that report to an arbitrary user without their consent or knowledge via a modified UUID in a POST request...

6.5CVSS7AI score0.00347EPSS
Exploits1References1
NVD
NVD
added 2024/07/17 5:15 p.m.26 views

CVE-2024-38446

NATO NCI ANET 3.4.1 mishandles report ownership. A user can create a report and, despite the restrictions imposed by the UI, change the author of that report to an arbitrary user without their consent or knowledge via a modified UUID in a POST request...

6.5CVSS0.00347EPSS
Exploits1References1
OSV
OSV
added 2024/07/17 5:15 p.m.4 views

CVE-2024-38446

NATO NCI ANET 3.4.1 mishandles report ownership. A user can create a report and, despite the restrictions imposed by the UI, change the author of that report to an arbitrary user without their consent or knowledge via a modified UUID in a POST request...

6.5CVSS7.1AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/07/17 12:0 a.m.6 views

PT-2024-28006 · Nato · Nato Nci Anet

Name of the Vulnerable Software and Affected Versions: NATO NCI ANET version 3.4.1 Description: The issue concerns mishandling of report ownership. A user can create a report and change its author to any arbitrary user without their consent or knowledge. This is achieved by modifying the UUID in ...

6.5CVSS7.1AI score0.00347EPSS
Exploits1References5
CVE
CVE
added 2024/07/17 12:0 a.m.56 views

CVE-2024-38446

CVE-2024-38446 concerns NATO NCI ANET 3.4.1. The vulnerability allows an attacker to create a report and, by altering a UUID in a POST request, change the report author to an arbitrary user without their consent. This is a logic/authorization issue where report ownership is mishandled. Affected c...

6.5CVSS6.7AI score0.00347EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2024/07/17 12:0 a.m.33 views

CVE-2024-38446

NATO NCI ANET 3.4.1 mishandles report ownership. A user can create a report and, despite the restrictions imposed by the UI, change the author of that report to an arbitrary user without their consent or knowledge via a modified UUID in a POST request...

0.00347EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/07/17 12:0 a.m.9 views

CVE-2024-38446

NATO NCI ANET 3.4.1 mishandles report ownership. A user can create a report and, despite the restrictions imposed by the UI, change the author of that report to an arbitrary user without their consent or knowledge via a modified UUID in a POST request...

6.9AI score0.00347EPSS
Exploits1References1
Rows per page
Query Builder