Kiteworks Core before 9.2.2 is vulnerable to Improper Ownership Management

Kiteworks is a private data network (PDN). Versions 9.2.0 and 9.2.1 of Kiteworks Core have an access control vulnerability that allows authenticated users to access unauthorized content. Upgrade Kiteworks Core to version 9.2.2 or later to receive a patch.

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

属主管理不恰当

Kiteworks Core 安全漏洞

Kiteworks Core是美国Kiteworks公司的一款提供安全文件传输与内容治理能力的企业数据交换平台。 Kiteworks Core 9.2.0版本和9.2.1版本存在安全漏洞，该漏洞源于访问控制不当，可能导致未经授权的访问。

N/A

N/A