CVE: Common Vulnerabilities and Exposures

Required CVE Record Information

Description

The Access Control issues include allowing a regular user to view a restricted incident, user role escalation to admin, users adding themselves as a participant in a restricted incident, and users able to view restricted incidents via the search feature. If your install has followed the secure deployment guidelines the risk of this is lowered, as this may only be exploited by an authenticated user.

Product Status

Learn more

Versions 1 Total

Default Status: unknown

affected

References 2 Total

https://github.com/Netflix/security-bulletins/blob/master/advisories/nflx-2020-005.md
external site
https://github.com/Netflix/dispatch/releases/tag/v20201106
external site

Updated: 2024-08-04

This container includes required additional information provided by the CVE Program for this vulnerability.

References 2 Total

https://github.com/Netflix/security-bulletins/blob/master/advisories/nflx-2020-005.md
external site
x_transferred
https://github.com/Netflix/dispatch/releases/tag/v20201106
external site
x_transferred

Common vulnerabilities and Exposures (CVE)

Required CVE Record Information

CNA: Netflix, Inc.

Description

Product Status

References 2 Total

CVE Program

References 2 Total