Canlineapp Online 1.1 is vulnerable to Broken Access Control and allows users with the Auditor role to create an audit template as a result of improper authorization checks. This feature is designated for supervisor role, but auditors have been able to successfully create audit templates from their account.
History

Thu, 09 Jan 2025 20:00:00 +0000

Type Values Removed Values Added
Description Canlineapp Online 1.1 is vulnerable to Broken Access Control and allows users with the Auditor role to create an audit template as a result of improper authorization checks. This feature is designated for supervisor role, but auditors have been able to successfully create audit templates from their account.
References

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2025-01-09T00:00:00

Updated: 2025-01-09T19:42:02.726465

Reserved: 2024-12-16T00:00:00

Link: CVE-2024-56114

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Received

Published: 2025-01-09T20:15:39.730

Modified: 2025-01-09T20:15:39.730

Link: CVE-2024-56114

cve-icon Redhat

No data.