Show filters
2 Total Results
Displaying 1-2 of 2
Sort by:
Attacker Value
Unknown

CVE-2024-44076

Disclosure Date: August 19, 2024 (last updated August 22, 2024)
In Microcks before 1.10.0, the POST /api/import and POST /api/export endpoints allow non-administrator access.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-48910

Disclosure Date: December 04, 2023 (last updated December 08, 2023)
Microcks up to 1.17.1 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /jobs and /artifact/download. This vulnerability allows attackers to access network resources and sensitive information via a crafted GET request.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0