PT-2023-23089 · Foundry · Foundry Job-Tracker

Publicado

2023-07-10

Atualizado

2023-07-18

CVE-2023-30960

CVSS v3.1

4.3

Média

Vetor

AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions Foundry job-tracker versions prior to 4.645.0

Description A security defect was discovered in Foundry job-tracker that enabled users to query metadata related to builds on resources they did not have access to.

Recommendations For versions prior to 4.645.0, update to version 4.645.0 to resolve the issue.

Correção

Exposure of Resource to Wrong Sphere

IDOR

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-668CWE-639

Identificadores relacionados

CVE-2023-30960

Produtos afetados

Foundry Job-Tracker

PT-2023-23089 · Foundry · Foundry Job-Tracker

CVE-2023-30960

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 5