Velocidex · Velociraptor · CVE-2026-7573
**Name of the Vulnerable Software and Affected Versions**
Velocidex Velociraptor versions prior to 0.76.5
**Description**
An authorization bypass in the `GetUserRoles` gRPC API endpoint allows any authenticated low-privilege user to retrieve the complete Access Control List (ACL) policy, including roles and permissions, for any user across all organizations. This is achieved by supplying targeted `Name` and `Org` parameters via a network request.
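The kind of check whose absence the description implies, as an added Go example (not Velociraptor's code and not the actual fix): the requested `Name` and `Org` are compared against the authenticated caller before any policy is returned. The `Caller` and `RolesRequest` types, `AuthorizeGetUserRoles`, and the policy itself (self-read, plus user administrators of the target org) are assumptions made for illustration.

```go
package main

import (
	"errors"
	"fmt"
)

// Caller is the authenticated identity taken from the connection, never from
// the request body. Hypothetical type, not Velociraptor's own.
type Caller struct {
	Name       string
	MemberOrgs map[string]bool // orgs the caller belongs to
	AdminOrgs  map[string]bool // orgs where the caller may administer users
}

// RolesRequest mirrors the two caller-controlled fields named in the advisory.
type RolesRequest struct {
	Name string // user whose ACL policy is requested
	Org  string // org that policy belongs to
}

var ErrDenied = errors.New("permission denied")

// AuthorizeGetUserRoles must pass before any ACL policy is loaded or returned.
func AuthorizeGetUserRoles(c Caller, req RolesRequest) error {
	// User administrators of the target org may read any policy in that org.
	if c.AdminOrgs[req.Org] {
		return nil
	}
	// Everyone else may read only their own policy, in an org they belong to.
	if req.Name == c.Name && c.MemberOrgs[req.Org] {
		return nil
	}
	return fmt.Errorf("%w: %q may not read roles of %q in org %q",
		ErrDenied, c.Name, req.Name, req.Org)
}

func main() {
	low := Caller{Name: "analyst", MemberOrgs: map[string]bool{"OrgA": true}} // constructed
	for _, r := range []RolesRequest{
		{Name: "analyst", Org: "OrgA"}, // own policy, own org
		{Name: "admin", Org: "OrgA"},   // another user, same org
		{Name: "admin", Org: "OrgB"},   // another user, another org
	} {
		fmt.Printf("%+v -> %v\n", r, AuthorizeGetUserRoles(low, r))
	}
}
```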
**Recommendations**
Update to version 0.76.5 or later.