CVE-2024-28087
May 15, 2024, 6:35 p.m.
None
No Score
Description
In Bonitasoft runtime Community edition, the lack of dynamic permissions causes IDOR vulnerability. Dynamic permissions existed only in Subscription edition and have now been restored in Community edition, where they are not custmizable.
Product(s) Impacted
| Product | Versions |
|---|---|
| Bonitasoft Bonita Runtime |
|
| Bonitasoft runtime Community edition |
|
Weaknesses
Common security weaknesses mapped to this vulnerability.
Tags
Timeline
Published: May 15, 2024, 5:15 p.m.
Last Modified: May 15, 2024, 6:35 p.m.
Last Modified: May 15, 2024, 6:35 p.m.
Status : Awaiting Analysis
CVE has been recently published to the CVE List and has been received by the NVD.
More infoSource
cve@mitre.org
*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.