alert3/main.txt

Created February 27, 2023 19:42

Star () You must be signed in to star a gist
Fork () You must be signed in to fork a gist

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/alert3/04e2d0a934001180104f846cfa00552b.js"></script>
Save alert3/04e2d0a934001180104f846cfa00552b to your computer and use it in GitHub Desktop.

Download ZIP

DataIku DSS < 11.3.2 - Broken Authorization

Raw

This is a description of Broken Object Level Authorization (BOLA) vulnerability found in DataIku DSS < 11.3.2

Author

alert3 commented Feb 27, 2023 •

edited

Product

DataIku DSS before 11.3.2

Author

Amin Rawah

CVE ID

Description

A malicious user with normal privilege can download other DataIku users’ files under the myfile section which includes user config and other resources. This can be achieved by specifying the targeted username on the query string path to get his/her files.

PoC

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment