PT-2023-23089 · Foundry · Foundry Job-Tracker

Published

2023-07-10

Updated

2023-07-18

CVE-2023-30960

CVSS v3.1

4.3

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions Foundry job-tracker versions prior to 4.645.0

Description A security defect was discovered in Foundry job-tracker that enabled users to query metadata related to builds on resources they did not have access to.

Recommendations For versions prior to 4.645.0, update to version 4.645.0 to resolve the issue.

Fix

Exposure of Resource to Wrong Sphere

IDOR

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-668CWE-639

Related Identifiers

CVE-2023-30960

Affected Products

Foundry Job-Tracker

PT-2023-23089 · Foundry · Foundry Job-Tracker

CVE-2023-30960

Weakness Enumeration

Related Identifiers

Affected Products

References · 5