Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Jobs can be saved as workflows with wrong permissions on KNIME Business Hub
Vulnerability Description
A wrong permission check in KNIME Business Hub before version 1.17.0 allowed an authenticated user to save jobs of other users as if there were saved by the job owner. The attacker must have permissions to access the jobs but then they were saved into the catalog service using the wrong owner permissions. Therefore it may have been possible to save into spaces where the attacker does not have write permissions. There is no workaround.
CVSS Information
N/A
Vulnerability Type
不正确的属主授予
Vulnerability Title
KNIME Business Hub 安全漏洞
Vulnerability Description
KNIME Business Hub是KNIME公司的用于数据科学自动化、部署模型、团队协作和管理工作流的企业软件。 KNIME Business Hub 1.17.0之前版本存在安全漏洞,该漏洞源于权限检查不当,可能导致权限提升。
CVSS Information
N/A
Vulnerability Type
N/A