← Zuruck zu CVEs
CVE-2026-6355
MEDIUM6.5
Beschreibung
A vulnerability in the web application allows unauthorized users to access and manipulate sensitive data across different tenants by exploiting insecure direct object references. This could lead to unauthorized access to sensitive information and unauthorized changes to the tenant's configuration.
CVE Details
CVSS v3.1 Bewertung6.5
SchweregradMEDIUM
CVSS VektorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
AngriffsvektorNETWORK
KomplexitatLOW
Erforderliche PrivilegienNONE
BenutzerinteraktionNONE
Veroffentlicht4/22/2026
Zuletzt geandert4/22/2026
Quellenvd
Honeypot-Sichtungen0
Referenzen
https://github.com/Penguinsecq/CVE-2026-6355/(cret@cert.org)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.