| Summary | Velociraptor versions prior to 0.76.3 contain a vulnerability in the query() plugin which allows access to all orgs with the user's current ACL token. This allows an authenticated GUI user with access in one org, to use the query() plugin, in a notebook cell, to run VQL queries on other orgs which they may not have access to. The user's permissions in the other org are |
|---|---|
| Publication Date | April 16, 2026, 3:17 a.m. |
| Registration Date | April 17, 2026, 4:11 a.m. |
| Last Update | April 16, 2026, 3:17 a.m. |
| CVSS3.1 : HIGH | |
| スコア | 8.0 |
|---|---|
| Vector | CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H |
| 攻撃元区分(AV) | ネットワーク |
| 攻撃条件の複雑さ(AC) | 高 |
| 攻撃に必要な特権レベル(PR) | 高 |
| 利用者の関与(UI) | 不要 |
| 影響の想定範囲(S) | 変更あり |
| 機密性への影響(C) | 高 |
| 完全性への影響(I) | 高 |
| 可用性への影響(A) | 高 |