Security Center
Monthly
Security Center's access control implementation fails to properly restrict authenticated users to their authorized scope, allowing privilege escalation to view sensitive data. An attacker with valid credentials can bypass authorization checks to access confidential information outside their assigned permissions. No patch is currently available for this vulnerability.
Authenticated users of Security Center can manipulate the 'owner' parameter to gain unauthorized elevated privileges through an indirect object reference flaw. This network-accessible vulnerability requires valid credentials but no user interaction, enabling privilege escalation attacks with moderate impact on confidentiality, integrity, and availability. No patch is currently available.
Security Center's access control implementation fails to properly restrict authenticated users to their authorized scope, allowing privilege escalation to view sensitive data. An attacker with valid credentials can bypass authorization checks to access confidential information outside their assigned permissions. No patch is currently available for this vulnerability.
Authenticated users of Security Center can manipulate the 'owner' parameter to gain unauthorized elevated privileges through an indirect object reference flaw. This network-accessible vulnerability requires valid credentials but no user interaction, enabling privilege escalation attacks with moderate impact on confidentiality, integrity, and availability. No patch is currently available.