Unrated severityNVD Advisory· Published Aug 19, 2021· Updated Sep 17, 2024
Rapid7 Nexpose Security Console Ticket Access Authentication Vulnerability
CVE-2021-31868
Description
Rapid7 Nexpose version 6.6.95 and earlier allows authenticated users of the Security Console to view and edit any ticket in the legacy ticketing feature, regardless of the assignment of the ticket. This issue was resolved in version 6.6.96, released on August 4, 2021.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- docs.rapid7.com/release-notes/nexpose/20210804/mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.