Netwrix Usercube before 6.0.215, in certain misconfigured on-premises installations, allows authentication bypass on deployment endpoints, leading to privilege escalation. This only occurs if the configuration omits the required restSettings.AuthorizedClientId and restSettings.AuthorizedSecret fields (for the POST /api/Deployment/ExportConfiguration and POST /api/Deployment endpoints).
Netwrix Usercube anterior a 6.0.215, en ciertas instalaciones locales mal configuradas, permite omitir la autenticación en los endpoints de implementación, lo que lleva a una escalada de privilegios. Esto solo ocurre si la configuración omite los campos restSettings.AuthorizedClientId y restSettings.AuthorizedSecret requeridos (para los endpoints POST /api/Deployment/ExportConfiguration y POST /api/Deployment).
