Описание
The Artiva Agency Single Sign-On (SSO) implementation in Artiva Workstation 1.3.x before 1.3.9, Artiva Rm 3.1 MR7, Artiva Healthcare 5.2 MR5, and Artiva Architect 3.2 MR5, when the domain-name option is enabled, allows remote attackers to login to arbitrary domain accounts by using the corresponding username on a Windows client machine.
Ссылки
- US Government Resource
- US Government Resource
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:ontariosystems:artiva_architect:3.2:mr5:*:*:*:*:*:*
cpe:2.3:a:ontariosystems:artiva_healthcare:5.2:mr5:*:*:*:*:*:*
cpe:2.3:a:ontariosystems:artiva_rm:3.1:mr7:*:*:*:*:*:*
cpe:2.3:a:ontariosystems:artiva_workstation:1.3.0:*:*:*:*:*:*:*
EPSS
Процентиль: 54%
0.0031
Низкий
3.5 Low
CVSS2
Дефекты
CWE-287
Связанные уязвимости
github
больше 3 лет назад
The Artiva Agency Single Sign-On (SSO) implementation in Artiva Workstation 1.3.x before 1.3.9, Artiva Rm 3.1 MR7, Artiva Healthcare 5.2 MR5, and Artiva Architect 3.2 MR5, when the domain-name option is enabled, allows remote attackers to login to arbitrary domain accounts by using the corresponding username on a Windows client machine.
EPSS
Процентиль: 54%
0.0031
Низкий
3.5 Low
CVSS2
Дефекты
CWE-287