In Bonitasoft runtime Community edition, the lack of dynamic permissions causes IDOR vulnerability. Dynamic permissions existed only in Subscription edition and have now been restored in Community edition, where they are not custmizable.
Metrics
Affected Vendors & Products
References
History
Thu, 05 Sep 2024 15:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
Tue, 20 Aug 2024 15:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-284 | |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2024-05-15T00:00:00
Updated: 2024-09-05T15:38:58.895820
Reserved: 2024-03-03T00:00:00
Link: CVE-2024-28087
Vulnrichment
Updated: 2024-08-02T00:48:48.254Z
NVD
Status : Awaiting Analysis
Published: 2024-05-15T17:15:10.643
Modified: 2024-09-05T16:15:07.437
Link: CVE-2024-28087
Redhat
No data.