PT-2024-14257 · Dataiku · Dataiku Dss
Christian Turri
·
Published
2024-01-08
·
Updated
2024-01-12
·
CVE-2023-51717
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Dataiku DSS versions prior to 11.4.5
Dataiku DSS versions prior to 12.4.1
Description
The issue is related to Incorrect Access Control, which could lead to a full authentication bypass.
Recommendations
For versions prior to 11.4.5, update to version 11.4.5 or later.
For versions prior to 12.4.1, update to version 12.4.1 or later.
Fix
Improper Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Dataiku Dss