EIQ-2018-0014
ID |
EIQ-2018-0014 (Former ref.: 19229) |
CVE |
- |
Description |
Edit and delete rules without permission |
Date |
- |
Severity |
2 - MEDIUM |
CVSSv3 score |
CVSSv3 score not available on NIST NVD. |
Status |
2.4.0 |
Assessment |
Users without the modify rules permission can edit and delete rules through the corresponding context-menu options. They can also edit and delete rules by selecting Actions > Edit, and Actions > Delete on a rule detail pane. |
Mitigation |
To prevent users from editing and deleting rules, ensure they do not have the modify rules permission. |
Affected versions |
2.1.2 to 2.3.4 included. |
Notes |
- |