An issue was discovered in Vaultize Enterprise File Sharing 17.05.31. An attacker can exploit Missing Authorization on the FlexPaperViewer SWF reader, and export files that should have been restricted, via vectors involving page-by-page access to a document in SWF format.
References
Link | Resource |
---|---|
https://www.excellium-services.com/cert-xlm-advisory/cve-2018-10207/ | Third Party Advisory |
Configurations
History
No history.
Information
Published : 2018-04-25 18:29
Updated : 2019-10-03 00:03
NVD link : CVE-2018-10207
Mitre link : CVE-2018-10207
CVE.ORG link : CVE-2018-10207
JSON object : View
Products Affected
vaultize
- enterprise_file_sharing
CWE
CWE-862
Missing Authorization