Insecure Direct Object Reference (IDOR) Vulnerability in Marval MSM v14.19.0.12476: Unauthorized Access to API Keys

Insecure Direct Object Reference (IDOR) Vulnerability in Marval MSM v14.19.0.12476: Unauthorized Access to API Keys

CVE-2022-31883 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Marval MSM v14.19.0.12476 is has an Insecure Direct Object Reference (IDOR) vulnerability. A low privilege user is able to see other users API Keys including the Admins API Keys.

Learn more about our Api Penetration Testing.