CVE-2023-49112
Essential information
- Published
- 20/06/2024 13:15
- Modified
- 20/06/2024 16:07
- Author
- —
- Creator
- —
- CISA KEV
- No
- CWE
- —
- CVSS vector
- — — —
Description
Kiuwan provides an API endpoint
/saas/rest/v1/info/application
to get information about any
application, providing only its name via the "application" parameter. This endpoint lacks proper access
control mechanisms, allowing other authenticated users to read
information about applications, even though they have not been granted
the necessary rights to do so.
This issue affects Kiuwan SAST: <master.1808.p685.q13371
NVD status
- Status
- Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
- Source
- 551230f0-3615-47bd-b7cc-93e92e730bbf
- NVD
- View on NVD