CyberRota
← Ana sayfaya dön

CVE-2026-56152

MEDIUM · CVSS 5.3

Kaynak: NVD + CISA KEV + EPSS · Yayınlanma: 2026-07-01T17:16:37.273 · Çekilme zamanı: 2026-07-01T18:38:08.476761+00:00

CyberRota Yorumu

Saldırganın giriş yapmış olması gerekebilir.

CVE
CVE-2026-56152
Severity
MEDIUM
CVSS
5.3
EPSS
Yok

Orijinal NVD Açıklaması

Incorrect Authorization (CWE-863) in Elastic Defend can lead to unauthorized information disclosure via Accessing Functionality Not Properly Constrained by ACLs (CAPEC-1). Under certain conditions, a low-privileged authenticated user can access response action data that they are not authorized to view.