1. Home
  2. Vulnerabilities
  3. CVE-2024-28087

CVE-2024-28087

CVSS v3.1 6.5 (Medium)
65% Progress
EPSS 0.04 % (10th)
0.04% Progress
Advisories 1
NVD Status Awaiting Analysis
Info CVSS EPSS CAPEC References Security Advisories Packages & Software Graph Web & Social Timeline

In Bonitasoft runtime Community edition, the lack of dynamic permissions causes IDOR vulnerability. Dynamic permissions existed only in Subscription edition and have now been restored in Community edition, where they are not custmizable.

Weaknesses
CWE-284
Improper Access Control
CVE Status
PUBLISHED
NVD Status
Awaiting Analysis
CNA
MITRE
Published Date
2024-05-15 17:15:10
(4 months ago)
Updated Date
2024-09-05 16:15:07
(13 days ago)