CVE-2018-7690

Related Files

Micro Focus Security Bulletin MFSBGN03835 1

Posted Dec 13, 2018

Authored by Micro Focus | Site microfocus.com

Micro Focus Security Bulletin MFSBGN03835 1 - The SSC REST API contains Insecure Direct Object Reference (IDOR) vulnerabilities that allow authenticated users access to arbitrary details of the Local and LDAP users via POST method and to arbitrary details of other user's Fortify projects via GET method. Revision 1 of this advisory.

tags | advisory, arbitrary, local, vulnerability

advisories | CVE-2018-7690, CVE-2018-7691

SHA-256 | 78602ef0efd0605008f1fbce59841d535c41dd7f6c75375c80f990b66f399b5c

Download | Favorite | View

Fortify SSC 17.10 / 17.20 / 18.10 Project Insecure Direct Object Reference

Posted Dec 13, 2018

Authored by Alt3kx

Fortify Software Security Center versions 17.10, 17.20, and 18.10 suffer from an insecure direct object reference vulnerability related to user projects.

tags | exploit

advisories | CVE-2018-7690

SHA-256 | d6e235c49d00e4d533f28b00647cf63de21e373e8951706d91b44ddbf61ed5c4

Download | Favorite | View