exploitDog

GHSA-qq7j-4r39-whmx

Опубликовано: 29 нояб. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 7.5

Описание

An Insecure Direct Object Reference (IDOR) vulnerability in the password reset function of Telos Alliance Omnia MPX Node 1.0.0-1.4.[*] allows attackers to arbitrarily change user and Administrator account passwords.

An Insecure Direct Object Reference (IDOR) vulnerability in the password reset function of Telos Alliance Omnia MPX Node 1.0.0-1.4.[*] allows attackers to arbitrarily change user and Administrator account passwords.

Ссылки

EPSS

Процентиль: 46%

0.00232

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-639

Связанные уязвимости

CVE-2022-43326

CVSS3: 7.5

nvd

около 3 лет назад

An Insecure Direct Object Reference (IDOR) vulnerability in the password reset function of Telos Alliance Omnia MPX Node 1.0.0-1.4.[*] allows attackers to arbitrarily change user and Administrator account passwords.

EPSS

Процентиль: 46%

0.00232

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-639