CVE-2020-9300

Published: Nov 9, 2020

Modified: Aug 4, 2024

PUBLISHED

Description

The Access Control issues include allowing a regular user to view a restricted incident, user role escalation to admin, users adding themselves as a participant in a restricted incident, and users able to view restricted incidents via the search feature. If your install has followed the secure deployment guidelines the risk of this is lowered, as this may only be exploited by an authenticated user.

Vendor	Product	Versions
n/a	Netflix Dispatch	affected `All versions prior to v20201106`

References

https://github.com/Netflix/security-bulletins/blob/master/advisories/nflx-2020-005.md

x_refsource_MISC

https://github.com/Netflix/dispatch/releases/tag/v20201106

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2020-9300

Description

Affected Products

References