Mindbreeze API Authentication Role Fixes (MINDBREEZE33949)

ID: MINDBREEZE33949 
Affected Components: Mindbreeze InSpire, Mindbreeze InSpire SaaS  
Severity: High 
Status: Final 
First published: January 28, 2025 
CVEs: MINDBREEZE33949 

Summary

Fixed incorrect privilege assignment on some API endpoints, which may allow access to restricted information.

Hotfix Information 

Fixed with following versions of Mindbreeze InSpire On-Premises or Mindbreeze InSpire SaaS: 

• Mindbreeze InSpire Release 24.8 Hotfix 1
• Mindbreeze InSpire Saas Release 24.8 Hotfix 1