Ellucian Banner 9.17 allows Insecure Direct Object Reference (IDOR) via a modified bannerId to the /StudentSelfService/ssb/studentCard/retrieveData endpoint.
Metrics
Affected Vendors & Products
References
History
Thu, 10 Oct 2024 16:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Ellucian
Ellucian banner |
|
Weaknesses | CWE-639 | |
CPEs | cpe:2.3:a:ellucian:banner:*:*:*:*:*:*:*:* | |
Vendors & Products |
Ellucian
Ellucian banner |
|
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2024-02-13T00:00:00
Updated: 2024-08-02T21:53:45.306Z
Reserved: 2023-11-27T00:00:00
Link: CVE-2023-49339
Vulnrichment
No data.
NVD
Status : Modified
Published: 2024-02-13T01:15:08.287
Modified: 2024-11-21T08:33:15.793
Link: CVE-2023-49339
Redhat
No data.