CVE-2023-36106
CVSS 3.1 Score 7.5 of 10 (high)
Details
Summary
CVE-2023-36106 is a newly disclosed vulnerability affecting PowerJob versions 4.3.2 and older. It stems from incorrect access control, which lets remote attackers access sensitive information. The issue is exploitable through the interface by querying the /container/list endpoint with the appId parameter. Successful exploitation could leak confidential data, posing a significant security risk to affected systems. Organizations using PowerJob are strongly advised to update to the latest version to mitigate this vulnerability.
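A log check for the access pattern described above, as an added example that is not part of the original advisory or PowerJob's own code: it scans web access logs for successful /container/list requests and reports clients that read container lists for more than one distinct appId. The combined log format, the sample lines, and the threshold of two distinct appIds are assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qs

# Constructed sample lines in combined log format (assumed reverse-proxy access log).
SAMPLE_LOG = """\
203.0.113.7 - - [01/Jul/2023:10:00:01 +0000] "GET /container/list?appId=1 HTTP/1.1" 200 512 "-" "curl/8.0"
203.0.113.7 - - [01/Jul/2023:10:00:02 +0000] "GET /container/list?appId=2 HTTP/1.1" 200 498 "-" "curl/8.0"
203.0.113.7 - - [01/Jul/2023:10:00:03 +0000] "GET /container/list?appId=3 HTTP/1.1" 200 530 "-" "curl/8.0"
198.51.100.20 - - [01/Jul/2023:10:05:00 +0000] "GET /container/list?appId=5 HTTP/1.1" 200 640 "-" "Mozilla/5.0"
198.51.100.20 - - [01/Jul/2023:10:06:00 +0000] "GET /container/list?appId=5 HTTP/1.1" 200 640 "-" "Mozilla/5.0"
198.51.100.20 - - [01/Jul/2023:10:07:00 +0000] "GET /favicon.ico HTTP/1.1" 200 100 "-" "Mozilla/5.0"
192.0.2.44 - - [01/Jul/2023:10:08:00 +0000] "GET /container/list?appId=7 HTTP/1.1" 403 0 "-" "curl/8.0"
"""

# client IP, request target and status code from one combined-format line
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)


def container_list_hits(log_text):
    """Yield (client_ip, appId) for each successful (2xx) /container/list request."""
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m or not m["status"].startswith("2"):
            continue  # unparseable line, or the server refused the request
        url = urlsplit(m["target"])
        if url.path.rstrip("/") != "/container/list":
            continue
        for app_id in parse_qs(url.query).get("appId", []):
            yield m["ip"], app_id


def clients_reading_multiple_apps(log_text, threshold=2):
    """Return {client_ip: sorted appIds} for clients that read >= threshold distinct appIds."""
    seen = defaultdict(set)
    for ip, app_id in container_list_hits(log_text):
        seen[ip].add(app_id)
    return {ip: sorted(ids) for ip, ids in seen.items() if len(ids) >= threshold}


if __name__ == "__main__":
    for ip, ids in clients_reading_multiple_apps(SAMPLE_LOG).items():
        print(f"{ip} read container lists for appIds {', '.join(ids)}")
```

On an unpatched deployment, any hit this reports is worth reviewing against which application the client was actually authorized for; the threshold should be tuned to how many applications a single operator legitimately manages.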