By knowing an organization's ID, an attacker can join the organization without permission and gain the ability to read and modify all data within that organization. This vulnerability allows unauthorized access and modification of sensitive information, posing a significant security risk. The flaw is due to insufficient verification of user permissions when joining an organization.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: @huntr_ai

Published: 2024-04-10T17:07:57.614Z

Updated: 2024-08-01T18:48:21.516Z

Reserved: 2024-02-19T20:55:54.311Z

Link: CVE-2024-1643

cve-icon Vulnrichment

Updated: 2024-08-01T18:48:21.516Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-04-10T17:15:52.917

Modified: 2024-11-21T08:50:59.403

Link: CVE-2024-1643

cve-icon Redhat

No data.