CVE-2024-38446
CVSS Score
6.5
EPSS Score
0.0%
EPSS Percentile
0th
NATO NCI ANET 3.4.1 mishandles report ownership. A user can create a report and, despite the restrictions imposed by the UI, change the author of that report to an arbitrary user (without their consent or knowledge) via a modified UUID in a POST request.
| Vendor | n/a |
| Product | n/a |
| Published | Jul 17, 2024 |
| Last Updated | Nov 7, 2024 |
Stay Ahead of the Next One
Get instant alerts for n/a n/a
Be the first to know when new medium vulnerabilities affecting n/a n/a are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
n/a / n/a
n/a