Rapid7 Insight Platform versions between November 2019 and August 14, 2024 suffer from missing authorization issues whereby an attacker can intercept local requests to set the name and description of. Rated low severity (CVSS 3.1), this vulnerability is no authentication required. No vendor patch available.
Authentication Bypass
Insight Platform
NVD
CVSS 3.1
3.1
EPSS
0.2%