CVE-2023-38752
Summary
| CVE | CVE-2023-38752 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2023-08-09 04:15:00 UTC |
| Updated | 2023-08-18 16:35:00 UTC |
| Description | Improper authorization vulnerability in Special Interest Group Network for Analysis and Liaison versions 4.4.0 to 4.7.7 allows the authorized API users to view the attribute information of the poster that is set as"non-disclosure" in the system settings. |
Risk And Classification
Problem Types: NVD-CWE-Other
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Jpcert | Special Interest Group Network For Analysis And Liaison | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| JVN#83334799: Multiple vulnerabilities in Special Interest Group Network for Analysis and Liaison's API | MISC | jvn.jp | |
| JVN#83334799 SIG情報連携ポータルのAPIにおける複数の脆弱性について | MISC | www.jpcert.or.jp | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.