CVE-2024-50967

Name of the Vulnerable Software and Affected Versions Becon DATAGerry versions prior to 2.3

Description The /rest/rights/ REST API endpoint contains an Incorrect Access Control issue, allowing an attacker to remotely access this endpoint without authentication. This leads to the unauthorized disclosure of sensitive information.

Recommendations For versions prior to 2.3, update to version 2.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the /rest/rights/ endpoint until a patch is available.