In ome.services.graphs.GraphTraversal.findObjectDetails in Open Microscopy Environment OMERO.server 5.1.0 through 5.6.0, permissions on OMERO model objects may be circumvented during certain operations such as move and delete, because group permissions are mishandled.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.openmicroscopy.org/security/advisories/2019-SV2/ |
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2020-06-17T16:12:42
Updated: 2024-08-04T22:10:08.800Z
Reserved: 2019-03-23T00:00:00
Link: CVE-2019-9943
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2020-06-17T17:15:10.427
Modified: 2020-06-24T14:57:22.247
Link: CVE-2019-9943
Redhat
No data.