5 matches found
A user asset cannot be seized if the supplied market's collateral to seize(vTokenCollateral)is different than the pool(seizerContract) where the liquidateBorrow function is called.
Lines of code Vulnerability details Impact A user asset cannot be seized if the supplied market's collateral to seizevTokenCollateralis different than the poolseizerContract where the liquidateBorrow function is called. Proof of Concept A user asset cannot be seized if the supplied market's...
CVE-2022-2155
A vulnerability exists in the affected versions of Lumada APM’s User Asset Group feature due to a flaw in access control mechanism implementation on the “Limited Engineer” role, granting it access to the embedded Power BI reports feature. An attacker that manages to exploit the vulnerability on a...
CVE-2022-2155 A vulnerability exists in the Lumada APM’s User Asset Group feature due to a flaw in access control mechanism implementation on the “Limited Engineer” role.
A vulnerability exists in the affected versions of Lumada APM’s User Asset Group feature due to a flaw in access control mechanism implementation on the “Limited Engineer” role, granting it access to the embedded Power BI reports feature. An attacker that manages to exploit the vulnerability on a...
CVE-2022-2155
Lumada APM on-premises versions 6.0.0.0–6.4.x are affected by an improper access control vulnerability in the User Asset Group feature where the Limited Engineer role can access embedded Power BI reports and potentially manipulate asset issue comments. Exploitation could grant unauthorized access...
CVE-2008-3717
Harmoni before 1.6.0 does not require administrative privileges to list 1 user names or 2 asset ids, which allows remote attackers to obtain sensitive information...