CyberSec.Space Logo
CVEブラウザに戻る

CVE-2019-9943

HIGH
7.5
CVSS Severity Score
EPSS Score0.1810%
EPSS Percentile30.40th
Published2020年6月17日
Last Modified2024年11月21日

Vulnerability Description

In ome.services.graphs.GraphTraversal.findObjectDetails in Open Microscopy Environment OMERO.server 5.1.0 through 5.6.0, permissions on OMERO model objects may be circumvented during certain operations such as move and delete, because group permissions are mishandled.

Affected Platforms (CPE)

📦
Openmicroscopy

Omero.server

>= 5.1.0 and <= 5.6.0

References & Advisories

🔗 https://www.openmicroscopy.org/security/advisories/2019-SV2/
🔗 https://www.openmicroscopy.org/security/advisories/2019-SV2/

関連する脆弱性情報

CVE-2019-002010.0

Juniper ATP ships with hard coded credentials in the Web Collector instance which gives an attacker the ability to take full contr...

CVE-2019-002210.0

Juniper ATP ships with hard coded credentials in the Cyphort Core instance which gives an attacker the ability to take full contro...

CVE-2019-390510.0

Zoho ManageEngine ADSelfService Plus 5.x before build 5703 has SSRF.

CVE-2019-623510.0

A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12...