CVE-2024-46897

LOW Year: 2024
CVSS v3 Score
3.8
Low
Weakness Type
CWE-732
View all →

Vulnerability Description

Incorrect permission assignment for critical resource issue exists in Exment v6.1.4 and earlier and Exment v5.0.11 and earlier. A logged-in user with the permission of table management may obtain and/or alter the information of the unauthorized table.

Related Vulnerabilities

CVE-2018-1315

LOW
CVSS:3.7(Low)

In Apache Hive 2.1.0 to 2.3.2, when 'COPY FROM FTP' statement is run using HPL/SQL extension to Hive, a compromised/malicious FTP server can cause the file to be written to an arbitrary location on th...

CWE-7322018

CVE-2021-20355

LOW
CVSS:3.7(Low)

IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could allow a remote attacker to obtain sensitive information, caused by the failure to set the HTTPOnly flag. A remote attacker could exploi...

CWE-7322021

CVE-2021-20416

LOW
CVSS:3.7(Low)

IBM Guardium Data Encryption (GDE) 3.0.0.3 and 4.0.0.4 could allow a remote attacker to obtain sensitive information, caused by the failure to set the HTTPOnly flag. A remote attacker could exploit th...

CWE-7322021

CVE-2021-20526

LOW
CVSS:3.7(Low)

IBM Planning Analytics 2.0 could allow a remote attacker to obtain sensitive information, caused by the failure to set the HTTPOnly flag. A remote attacker could exploit this vulnerability to obtain s...

CWE-7322021

CVE-2021-38879

LOW
CVSS:3.7(Low)

IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could allow a remote attacker to obtain sensitive information, caused by the failure to set the HTTPOnly flag. A remote attacker could exploi...

CWE-7322021

CVE-2022-22330

LOW
CVSS:3.7(Low)

IBM Control Desk 7.6.1 could allow a remote attacker to obtain sensitive information, caused by the failure to set the HTTPOnly flag. A remote attacker could exploit this vulnerability to obtain sensi...

CWE-7322022