Vulnerabilities > CVE-2020-9300 - Unspecified vulnerability in Netflix Dispatch

CVSS 4.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

SINGLE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

network

low complexity

netflix

NVD

Published: 2020-11-09

Updated: 2020-11-18

Summary

The Access Control issues include allowing a regular user to view a restricted incident, user role escalation to admin, users adding themselves as a participant in a restricted incident, and users able to view restricted incidents via the search feature. If your install has followed the secure deployment guidelines the risk of this is lowered, as this may only be exploited by an authenticated user.

Vulnerable Configurations

Part	Description	Count
Application	Netflix Netflix Dispatch - Netflix Dispatch 20200421 Netflix Dispatch 20200518 Netflix Dispatch 20200603 Netflix Dispatch 20200617 Netflix Dispatch 20200702 Netflix Dispatch 20200727 Netflix Dispatch 20200922 Netflix Dispatch 20200922.1 Netflix Dispatch 20201001 Netflix Dispatch 20201013 Netflix Dispatch 20201027	12

Summary

Vulnerable Configurations

References