CVE Vulnerabilities

CVE-2023-26280

Incorrect Privilege Assignment

Published: Nov 25, 2024 | Modified: Jan 16, 2025
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

IBM Jazz Foundation 7.0.2 and 7.0.3 could allow a user to change their dashboard using a specially crafted HTTP request due to improper access control.

Weakness

A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.

Affected Software

Name Vendor Start Version End Version
Jazz_foundation Ibm 7.0.2 (including) 7.0.2 (including)
Jazz_foundation Ibm 7.0.3 (including) 7.0.3 (including)

Potential Mitigations

References