Lucene search
+L

4 matches found

Github Security Blog
Github Security Blog
added 2018/11/06 11:17 p.m.26 views

Exposure of Sensitive Information to an Unauthorized Actor in Apache syncope-cope

An administrator with user search entitlements in Apache Syncope 1.2.x before 1.2.11 and 2.0.x before 2.0.8 can recover sensitive security values using the fiql and orderby parameters...

4.9CVSS3.8AI score0.20502EPSS
Exploits4References7Affected Software1
OSV
OSV
added 2018/03/20 5:29 p.m.14 views

CVE-2018-1322

An administrator with user search entitlements in Apache Syncope 1.2.x before 1.2.11, 2.0.x before 2.0.8, and unsupported releases 1.0.x and 1.1.x which may be also affected, can recover sensitive security values using the fiql and orderby parameters...

4.9CVSS5.5AI score0.20502EPSS
Exploits4References3
CVE
CVE
added 2018/03/20 5:0 p.m.96 views

CVE-2018-1322

CVE-2018-1322 affects Apache Syncope: 1.2.x before 1.2.11, 2.0.x before 2.0.8, and some unsupported releases (1.0.x, 1.1.x). The vulnerability allows an administrator with user-search entitlements to recover sensitive security values by manipulating the fiql and orderby parameters. The provided d...

4.9CVSS5.2AI score0.20502EPSS
Exploits4References3Affected Software1
Cvelist
Cvelist
added 2018/03/20 5:0 p.m.27 views

CVE-2018-1322

An administrator with user search entitlements in Apache Syncope 1.2.x before 1.2.11, 2.0.x before 2.0.8, and unsupported releases 1.0.x and 1.1.x which may be also affected, can recover sensitive security values using the fiql and orderby parameters...

5.4AI score0.20502EPSS
Exploits4References3
Rows per page
Query Builder