CVE-2023-38334
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th
Omnis Studio 10.22.00 has incorrect access control. It advertises an irreversible feature for locking classes within Omnis libraries: it should be no longer possible to delete, view, change, copy, rename, duplicate, or print a locked class. Due to implementation issues, locked classes in Omnis libraries can be unlocked, and thus further analyzed and modified by Omnis Studio. This allows for further analyzing and also deleting, viewing, changing, copying, renaming, duplicating, or printing previously locked Omnis classes. This violates the expected behavior of an "irreversible operation."
| Vendor | n/a |
| Product | n/a |
| Published | Jul 20, 2023 |
| Last Updated | Oct 24, 2024 |
Stay Ahead of the Next One
Get instant alerts for n/a n/a
Be the first to know when new unknown vulnerabilities affecting n/a n/a are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
n/a / n/a
n/a
References
syss.de: https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2023-006.txt seclists.org: http://seclists.org/fulldisclosure/2023/Jul/42 packetstormsecurity.com: http://packetstormsecurity.com/files/173696/Omnis-Studio-10.22.00-Library-Unlock.html seclists.org: http://seclists.org/fulldisclosure/2023/Jul/43