CVE-2023-36646

Published: 2023-12-12T00:15Z

Last Modified: 2024-11-21T08:10Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

Incorrect user role checking in multiple REST API endpoints in ProLion CryptoSpike 3.0.15P2 allows a remote attacker with low privileges to execute privileged functions and achieve privilege escalation via REST API endpoint invocation. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt