CVE-2023-38335

UNKNOWN 0.0

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

Omnis Studio 10.22.00 has incorrect access control. It advertises a feature for making Omnis libraries "always private" - this is supposed to be an irreversible operation. However, due to implementation issues, "always private" Omnis libraries can be opened by the Omnis Studio browser by bypassing specific checks. This violates the expected behavior of an "irreversible operation".

Vendor	n/a
Product	n/a
Published	Jul 20, 2023
Last Updated	Oct 24, 2024

Stay Ahead of the Next One

Get instant alerts for n/a n/a

Be the first to know when new unknown vulnerabilities affecting n/a n/a are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

n/a / n/a

n/a

References

NVD ↗ CVE.org ↗ EPSS Data ↗

syss.de: https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2023-005.txt seclists.org: http://seclists.org/fulldisclosure/2023/Jul/41 packetstormsecurity.com: http://packetstormsecurity.com/files/173695/Omnis-Studio-10.22.00-Library-Setting-Bypass.html seclists.org: http://seclists.org/fulldisclosure/2023/Jul/43