CVE-2023-36106

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Aug 17, 2023
Updated: Aug 23, 2023

Summary

CVE-2023-36106 is a newly disclosed vulnerability affecting powerjob versions 4.3.2 and older. This issue stems from an incorrect access control mechanism, which enables remote attackers to access sensitive information. The vulnerability can be exploited through the interface by making a query using the appId parameter in the /container/list endpoint. Successful exploitation could lead to the leakage of confidential data, posing a significant security risk to affected systems. Organizations using powerjob are strongly advised to update to the latest version to mitigate this vulnerability.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share