CVE-2023-49112
Vulnerability Description
Kiuwan provides an API endpoint
/saas/rest/v1/info/application
to get information about any
application, providing only its name via the "application" parameter. This endpoint lacks proper access
control mechanisms, allowing other authenticated users to read
information about applications, even though they have not been granted
the necessary rights to do so.
This issue affects Kiuwan SAST: <master.1808.p685.q13371
/saas/rest/v1/info/application
to get information about any
application, providing only its name via the "application" parameter. This endpoint lacks proper access
control mechanisms, allowing other authenticated users to read
information about applications, even though they have not been granted
the necessary rights to do so.
This issue affects Kiuwan SAST: <master.1808.p685.q13371
Vulnerability Details
Published Date
Last Modified
Source
NVD
Discussion (0)
Add Comment
No comments yet. Be the first!