Filtered by vendor Strangebee
Subscribe
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-18376 | 1 Strangebee | 1 Thehive | 2023-09-15 | 6.5 MEDIUM | 8.8 HIGH |
| An improper authorization check in the User API in TheHive before 2.13.4 and 3.x before 3.3.1 allows users with read-only or read/write access to escalate their privileges to the administrator's privileges. This affects app/controllers/UserCtrl.scala. | |||||
| CVE-2023-39069 | 1 Strangebee | 2 Cortex, Thehive | 2023-09-15 | N/A | 9.8 CRITICAL |
| An issue in StrangeBee TheHive v.5.0.8, v.4.1.21 and Cortex v.3.1.6 allows a remote attacker to gain privileges via Active Directory authentication mechanism. | |||||