Today > 1 Critical | 5 High | 20 Medium vulnerabilities   -   You can now download lists of IOCs here!

CVE-2024-28087

May 15, 2024, 6:35 p.m.

Product(s) Impacted

Bonitasoft Bonita Runtime

  • 7.14.0

Bonitasoft runtime Community edition

Description

In Bonitasoft runtime Community edition, the lack of dynamic permissions causes IDOR vulnerability. Dynamic permissions existed only in Subscription edition and have now been restored in Community edition, where they are not custmizable.

Weaknesses

Date

Published: May 15, 2024, 5:15 p.m.

Last Modified: May 15, 2024, 6:35 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

cve@mitre.org

References