CVE-2024-49071

MEDIUM Year: 2024
CVSS v3 Score
6.5
Medium
Weakness Type
CWE-612
View all →

Vulnerability Description

Improper authorization of an index that contains sensitive information from a Global Files search in Windows Defender allows an authorized attacker to disclose information over a network.

Related Vulnerabilities

CVE-2023-4560

MEDIUM
CVSS:6.5(Medium)

Improper Authorization of Index Containing Sensitive Information in GitHub repository omeka/omeka-s prior to 4.0.4.

CWE-6122023

CVE-2022-41918

MEDIUM
CVSS:6.3(Medium)

OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. There is an issue with the implementation of fine-grained access control rules (document-level security, field-level sec...

CWE-6122022

CVE-2022-35980

HIGH
CVSS:7.5(High)

OpenSearch Security is a plugin for OpenSearch that offers encryption, authentication and authorization. Versions 2.0.0.0 and 2.1.0.0 of the security plugin are affected by an information disclosure v...

CWE-6122022

CVE-2024-25635

HIGH
CVSS:8.8(High)

alf.io is an open source ticket reservation system. Prior to version 2.0-Mr-2402, organization owners can view the generated API KEY and USERS of other organization owners using the `http://192.168.26...

CWE-6122024

CVE-2022-35980

HIGH
CVSS:7.5(High)

OpenSearch Security is a plugin for OpenSearch that offers encryption, authentication and authorization. Versions 2.0.0.0 and 2.1.0.0 of the security plugin are affected by an information disclosure v...

CWE-6122022

CVE-2023-4560

MEDIUM
CVSS:6.5(Medium)

Improper Authorization of Index Containing Sensitive Information in GitHub repository omeka/omeka-s prior to 4.0.4.

CWE-6122023