1 results (0.001 seconds)
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-23447 – Elastic Network Drive Connector Improper Access Control
https://notcve.org/view.php?id=CVE-2024-23447
07 Feb 2024 — An issue was discovered in the Windows Network Drive Connector when using Document Level Security to assign permissions to a file, with explicit allow write and deny read. Although the document is not accessible to the user in Network Drive it is visible in search applications to the user. Se descubrió un problema en Windows Network Drive Connector al utilizar la seguridad a nivel de documento para asignar permisos a un archivo, con permiso explícito de escritura y denegación de lectura. Aunque el usuario n... • https://discuss.elastic.co/t/elastic-network-drive-connector-8-12-1-security-update-esa-2024-02/352687 • CWE-284: Improper Access Control •