CVE-2023-38751

Name of the Vulnerable Software and Affected Versions Special Interest Group Network for Analysis and Liaison versions 4.4.0 through 4.7.7

Description The issue allows authorized API users to view the organization information of the information receiver that is set as "non-disclosure" in the information provision operation. This is due to an improper authorization vulnerability.

Recommendations For versions 4.4.0 through 4.7.7, update to a version that includes the fix for this issue to prevent authorized API users from accessing non-disclosure information. At the moment, there is no information about a newer version that contains a fix for this vulnerability.