admin/cve
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2025-11-28 18:48:49 +00:00
Code Issues Packages Projects Releases Wiki Activity
cve/2024/CVE-2024-25653.md
marc 555e9c7de4 Update Sat May 25 21:48:12 CEST 2024
2024-05-25 21:48:12 +02:00

18 lines
726 B
Markdown
Raw Blame History

### [CVE-2024-25653](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25653)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
### Description
Broken Access Control in the Report functionality of Delinea PAM Secret Server 11.4 allows unprivileged users, when Unlimited Admin Mode is enabled, to view system reports and modify custom reports via the Report functionality in the Web UI.
### POC
#### Reference
- https://www.cvcn.gov.it/cvcn/cve/CVE-2024-25653
#### Github
- https://github.com/fkie-cad/nvd-json-data-feeds
Reference in New Issue View Git Blame Copy Permalink