exploitDog

GHSA-cwqv-v22x-hjm2

Опубликовано: 13 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

The Ericsson-LG iPECS NMS A.1Ac web application uses incorrect access control mechanisms. Since the app does not use any sort of session ID, an attacker might bypass authentication.

The Ericsson-LG iPECS NMS A.1Ac web application uses incorrect access control mechanisms. Since the app does not use any sort of session ID, an attacker might bypass authentication.

Ссылки

EPSS

Процентиль: 98%

0.47703

Средний

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-732

Связанные уязвимости

CVE-2018-10285

CVSS3: 9.8

nvd

почти 8 лет назад

The Ericsson-LG iPECS NMS A.1Ac web application uses incorrect access control mechanisms. Since the app does not use any sort of session ID, an attacker might bypass authentication.

EPSS

Процентиль: 98%

0.47703

Средний

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-732