Edulog Parent Portal Products Improper Access Controls | allinfosecnews.com

Dec. 12, 2023, 8 p.m. | Jimi Sebree

Tenable Research Advisories www.tenable.com

Edulog Parent Portal Products Improper Access Controls

Edulog’s Parent Portal and Parent Portal Lite services were affected by security-related issues regarding their authentication and access control implementations. These issues could have allowed a malicious actor to enumerate and access potentially sensitive information. This information includes, but is not limited to, data regarding students (most of whom are minors), their schools, parents, bus routes, GPS information, and proximity to given bus stops.

Normal operation of the frontend apps for these services …

access access control access controls actor authentication control controls data information malicious portal products security sensitive sensitive information services students

More from www.tenable.com / Tenable Research Advisories

Approach.App Multiple Vulnerabilities 1 week, 6 days ago | www.tenable.com

app application exploitation management +9

Karros Technologies Authentication Bypass 1 week, 6 days ago | www.tenable.com

authentication authentication bypass bypass technologies

Ivanti Avalanche WLAvalancheService.exe Unauthenticated Heap-based Buffer Overflow 2 weeks, 1 day ago | www.tenable.com

avalanche big buffer buffer overflow +12

Path Traversal Affecting Multiple CData Products 3 weeks, 6 days ago | www.tenable.com

application attachment cookie date +14

LG LED Assistant v2.1.65 Multiple Vulnerabilities 1 month ago | www.tenable.com

assistant led vulnerabilities

Arcserve Unified Data Protection 9.2 Multiple Vulnerabilities 1 month, 2 weeks ago | www.tenable.com

arcserve data data protection protection +1

Microsoft Azure Synapse Analytics - Privilege Escalation via Vegas Caching Service 1 month, 3 weeks ago | www.tenable.com

analytics azure azure synapse caching +8

Showdownjs Denial of Service 2 months ago | www.tenable.com

can command concept conditions +17

Missing Authentication for Critical Function in Adobe FrameMaker Publishing Server (FMPS) 2 months, 2 weeks ago | www.tenable.com

accesstoken admin adobe authentication +9

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote

View on infosec-jobs.com

Information Security Engineer, Sr. (Container Hardening)

@ Rackner | San Antonio, TX

View on infosec-jobs.com

BaaN IV Techno-functional consultant-On-Balfour

@ Marlabs | Piscataway, US

View on infosec-jobs.com

Senior Security Analyst

@ BETSOL | Bengaluru, India

View on infosec-jobs.com

Security Operations Centre Operator

@ NEXTDC | West Footscray, Australia

View on infosec-jobs.com

Senior Network and Security Research Officer

@ University of Toronto | Toronto, ON, CA

View on infosec-jobs.com