A broken access control vulnerability is one where a user has unauthorized access to data in an application. Unauthorized access occurs when authentication checks are not properly configured. Attackers exploit broken access control so that they can access sensitive files and data.
Here are three ways you can control who has access to data in your system:
Be mindful of the access you permit for certain users in your system to have.
Enforce a strict password policy for other Indigo users.
Check your permissions and permission sets as to the access they provide.