Описание
In StarWind Command Center before V2 build 6021, an authenticated read-only user can elevate privileges to administrator through the REST API.
In StarWind Command Center before V2 build 6021, an authenticated read-only user can elevate privileges to administrator through the REST API.
Связанные уязвимости
CVSS3: 8.8
nvd
около 4 лет назад
A flaw was found in the REST API. An improperly handled REST API call could allow any logged user to elevate privileges up to the system account. This affects StarWind Command Center build 6003 v2.