NATO NCI ANET 3.4.1 allows Insecure Direct Object Reference via a modified ID field in a request for a private draft report (that belongs to an arbitrary user).
Metrics
Affected Vendors & Products
References
History
Fri, 20 Jun 2025 18:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Ncia
Ncia advisor Network |
|
CPEs | cpe:2.3:a:ncia:advisor_network:3.4.1:*:*:*:*:*:*:* | |
Vendors & Products |
Ncia
Ncia advisor Network |

Status: PUBLISHED
Assigner: mitre
Published: 2024-07-17T00:00:00
Updated: 2024-08-02T04:12:24.560Z
Reserved: 2024-06-16T00:00:00
Link: CVE-2024-38447

Updated: 2024-08-02T04:12:24.560Z

Status : Analyzed
Published: 2024-07-17T18:15:03.990
Modified: 2025-06-20T18:09:39.037
Link: CVE-2024-38447

No data.