[Forgot Password]
Login  Register Subscribe

26309

 
 

132812

 
 

150489

 
 

909

 
 

119739

 
 

158

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML view JSON

CVE-2020-8817Date: (C)2020-09-15   (M)2020-09-21


Dataiku DSS before 6.0.5 allows attackers write access to the project to modify the "Created by" metadata.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V3 Severity:CVSS V2 Severity:
CVSS Score : 8.1CVSS Score : 5.5
Exploit Score: 2.8Exploit Score: 8.0
Impact Score: 5.2Impact Score: 4.9
 
CVSS V3 Metrics:CVSS V2 Metrics:
Attack Vector: NETWORKAccess Vector: NETWORK
Attack Complexity: LOWAccess Complexity: LOW
Privileges Required: LOWAuthentication: SINGLE
User Interaction: NONEConfidentiality: PARTIAL
Scope: UNCHANGEDIntegrity: PARTIAL
Confidentiality: HIGHAvailability: NONE
Integrity: HIGH 
Availability: NONE 
  
Reference:
https://doc.dataiku.com/dss/latest/release_notes/6.0.htm
https://doc.dataiku.com/dss/latest/security/advisories/cve-2020-8817.html

© SecPod Technologies