CVE-2018-7691

Related Files

Micro Focus Security Bulletin MFSBGN03835 1

Posted Dec 13, 2018

Authored by Micro Focus | Site microfocus.com

Micro Focus Security Bulletin MFSBGN03835 1 - The SSC REST API contains Insecure Direct Object Reference (IDOR) vulnerabilities that allow authenticated users access to arbitrary details of the Local and LDAP users via POST method and to arbitrary details of other user's Fortify projects via GET method. Revision 1 of this advisory.

tags | advisory, arbitrary, local, vulnerability

advisories | CVE-2018-7690, CVE-2018-7691

SHA-256 | 78602ef0efd0605008f1fbce59841d535c41dd7f6c75375c80f990b66f399b5c

Download | Favorite | View

Fortify SSC 17.10 / 17.20 / 18.10 User Detail Insecure Direct Object Reference

Posted Dec 13, 2018

Authored by Alt3kx

Fortify Software Security Center versions 17.10, 17.20, and 18.10 suffer from an insecure direct object reference vulnerability related to extracting local and ldap users.

tags | exploit, local

advisories | CVE-2018-7691

SHA-256 | f5f61f0e91fb1492f3cc43981bb89d49f791427a38840fc17d42980c9a25194c

Download | Favorite | View