exploitDog

GHSA-rw7c-r2hj-99vq

Опубликовано: 06 апр. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 8.8

Описание

An issue was discovered in Softwarebuero Zauner ARC 4.2.0.4., that allows attackers to escalate privileges within the application, since all permission checks are done client-side, not server-side.

An issue was discovered in Softwarebuero Zauner ARC 4.2.0.4., that allows attackers to escalate privileges within the application, since all permission checks are done client-side, not server-side.

Ссылки

EPSS

Процентиль: 62%

0.00423

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-269

Связанные уязвимости

CVE-2021-45891

CVSS3: 8.8

nvd

почти 4 года назад

An issue was discovered in Softwarebuero Zauner ARC 4.2.0.4., that allows attackers to escalate privileges within the application, since all permission checks are done client-side, not server-side.

EPSS

Процентиль: 62%

0.00423

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-269