N/A

A Broken Access Control vulnerability in StrangeBee TheHive 5.2.0 before 5.2.16, 5.3.0 before 5.3.11, and 5.4.0 before 5.4.10 allows remote, authenticated, and unprivileged users to retrieve alerts, cases, logs, observables, or tasks, regardless of the user's permissions, through a specific API endpoint.

N/A

特权授予不正确

StrangeBee TheHive 安全漏洞

StrangeBee TheHive是StrangeBee公司的一款应用程序。 StrangeBee TheHive 5.4.10之前版本存在安全漏洞，该漏洞源于访问控制不当，可能导致未授权用户检索数据。

N/A

N/A