216.73.217.64

CVE-2024-38446

· Published 17/07/2024 17:15 · Modified 17/07/2024 17:15

Labels: CVE-2024-38446 2024-07-17CVE-2024-38446[email protected]

Essential information

Published
17/07/2024 17:15
Modified
17/07/2024 17:15
Author
Creator
CISA KEV
No
CWE

Description

NATO NCI ANET 3.4.1 mishandles report ownership. A user can create a report and, despite the restrictions imposed by the UI, change the author of that report to an arbitrary user (without their consent or knowledge) via a modified UUID in a POST request.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

References