{"vulnerability": "CVE-2022-31683", "sightings": [{"uuid": "66c5e1bf-ac78-4dcc-bb67-d8e7c1e66722", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31683", "type": "seen", "source": "https://t.me/cibsecurity/54885", "content": "\u203c CVE-2022-31683 \u203c\n\nConcourse (7.x.y prior to 7.8.3 and 6.x.y prior to 6.7.9) contains an authorization bypass issue. A Concourse user can send a request with body including :team_name=team2 to bypass team scope check to gain access to certain resources belong to any other team.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-19T18:11:36.000000Z"}]}