Vulnerability in Kiuwan Sast
CVE-2023-49112
Kiuwan provides an API endpoint /saas/rest/v1/info/application to get information about any application, providing only its name via the "application" parameter. This endpoint lacks proper access control mechanisms, allowing other auth…
EPSS: 0.001 (31.5th percentile) — read the EPSS interpretation.
Affected products
- Kiuwan Sast — versions <master.1808.p685.q13371
References
- r.sec-consult.com/kiuwan (third-party-advisory)
- www.kiuwan.com/docs/display/K5/[2024-05-30]+Change+Log (release-notes)