exploitDog

GHSA-xpg5-6226-vf59

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

Описание

An issue was discovered in iPortalis iCS 7.1.13.0. An attacker can gain privileges by intercepting a request and changing UserRoleKey=COMPANY_ADMIN to UserRoleKey=DOMAIN_ADMIN (to achieve Domain Administrator access).

An issue was discovered in iPortalis iCS 7.1.13.0. An attacker can gain privileges by intercepting a request and changing UserRoleKey=COMPANY_ADMIN to UserRoleKey=DOMAIN_ADMIN (to achieve Domain Administrator access).

Ссылки

EPSS

Процентиль: 54%

0.00314

Низкий

CVE ID

Дефекты

CWE-20

Связанные уязвимости

CVE-2020-9002

CVSS3: 7.5

nvd

больше 4 лет назад

An issue was discovered in iPortalis iCS 7.1.13.0. An attacker can gain privileges by intercepting a request and changing UserRoleKey=COMPANY_ADMIN to UserRoleKey=DOMAIN_ADMIN (to achieve Domain Administrator access).

EPSS

Процентиль: 54%

0.00314

Низкий

CVE ID

Дефекты

CWE-20