logo

Advisories

Weaknesses

Fixes

Requirements

Compliance

229 Business information leak - Power BI

Description

Business information is obtained, such as: - Strategic Information - KIPS - Sales Information - Dispatch Information

Impact

- Obtain strategic business information. - Obtain KPI indicators. - Obtain sales and dispatches information.

Recommendation

Establish access controls to resources with potentially sensitive information.

Threat

User not authenticated in the application from the Internet.

Expected Remediation Time

30 minutes.

Score 4.0

Default score using CVSS 4.0. It may change depending on the context of the src.

Base 4.0

  • Attack vector: N
  • Attack complexity: L
  • Attack Requirements: N
  • Privileges required: N
  • User interaction: N
  • Confidentiality (VC): L
  • Integrity (VI): N
  • Availability (VA): N
  • Confidentiality (SC): N
  • Integrity (SI): N
  • Availability (SA): N

Threat 4.0

  • Exploit maturity: X

Requirements

Last updated

2024/02/16