Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In Code42 for Enterprise through 6.8.4, an administrator without web restore permission but with the ability to manage users in an organization can impersonate a user with web restore permission. When requesting the token to do a web restore, an administrator with permission to manage a user could request the token of that user. If the administrator was not authorized to perform web restores but the user was authorized to perform web restores, this would allow the administrator to impersonate the user with greater permissions. In order to exploit this vulnerability, the user would have to be an administrator with access to manage an organization with a user with greater permissions than themselves.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Code42 Software Code42 for Enterprise 访问控制错误漏洞
Vulnerability Description
Code42 Software Code42 for Enterprise是美国Code42 Software公司的一套企业级数据保护系统。该系统能够检测内部威胁,防止数据泄露、丢失。 Code42 Software Code42 for Enterprise 6.8.4及之前版本中存在访问控制错误漏洞。该漏洞源于网络系统或产品未正确限制来自未授权角色的资源访问。
CVSS Information
N/A
Vulnerability Type
N/A