Vulnerabilities > Strangebee > Thehive > 3.3.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-09-11 | CVE-2023-39069 | Improper Authentication vulnerability in Strangebee Cortex and Thehive An issue in StrangeBee TheHive v.5.0.8, v.4.1.21 and Cortex v.3.1.6 allows a remote attacker to gain privileges via Active Directory authentication mechanism. | 9.8 |
2019-06-02 | CVE-2017-18376 | Permissions, Privileges, and Access Controls vulnerability in Strangebee Thehive An improper authorization check in the User API in TheHive before 2.13.4 and 3.x before 3.3.1 allows users with read-only or read/write access to escalate their privileges to the administrator's privileges. | 8.8 |