Friday, December 11, 2020

OpenAsset Digital Asset Management Insecure Direct Object Reference

OpenAsset Digital Asset Management was found to provide several endpoints which allowed for unauthenticated data retrieval in a CSV format. Vulnerable versions include 12.0.19 (Cloud) and 11.2.1 (On-premise).
OpenAsset Digital Asset Management Insecure Direct Object Reference
 

Copyright © 2020 Cyber Details - Vulnerability Database™

Thanks for everything Templateism - You should have written the code a little more complicated