| Title | There is unauthorized review and submission of information on the Maiwei Safety Production Digital Management Platform |
|---|
| Description | The Maiwei Safety Production Digital Management Platform has unauthorized access to pending approval information, which usually contains sensitive data. If unauthorized access is made to this information, attackers can obtain sensitive data, leading to privacy leakage and data abuse. Unauthorized access to pending approval information may lead to disruption of the approval process, such as malicious tampering, delayed approval, or unauthorized decision-making. This will affect business operations, trust relationships, and workflow. Attackers may exploit the vulnerability of unauthorized access to pending approval information to modify, delete, or add false information. This may lead to misleading and deceiving other personnel involved in the approval process, allowing them to make decisions based on incorrect or inaccurate information. Only specific personnel can access and process. Unauthorized access to this information may compromise confidentiality, exposing sensitive data to unauthorized personnel, leading to potential security risks. |
|---|
| Source | ⚠️ http://x.x.x.x:18007/api/DataDictionary/GetItemList |
|---|
| User | weal (UID 16371) |
|---|
| Submission | 11/03/2023 07:49 (3 years ago) |
|---|
| Moderation | 11/13/2023 11:18 (10 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 245062 [Maiwei Safety Production Control Platform 4.1 GetItemList information disclosure] |
|---|
| Points | 20 |
|---|