Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Access Control issues include allowing a regular user to view a restricted incident, user role escalation to admin, users adding themselves as a participant in a restricted incident, and users able to view restricted incidents via the search feature. If your install has followed the secure deployment guidelines the risk of this is lowered, as this may only be exploited by an authenticated user.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Netflix Dispatch 安全漏洞
Vulnerability Description
Netflix Dispatch是美国Netflix公司的一个可深度集成Slack,GSuite,Jira等)工具提供安全事件管理的软件。 Netflix Dispatch 存在安全漏洞,该漏洞源于访问控制问题,攻击者可利用该漏洞查看受限制的事件、将用户角色升级为admin、将自己添加为受限制事件的参与者,以及用户能够通过搜索特性查看受限制的事件。
CVSS Information
N/A
Vulnerability Type
N/A