Описание
A flaw was found in the RHDM, where an authenticated attacker can change their assigned role in the response header. This flaw allows an attacker to gain admin privileges in the Business Central Console.
Ссылки
- Vendor Advisory
- Issue TrackingVendor Advisory
- Vendor Advisory
- Issue TrackingVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:redhat:decision_manager:7.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:process_automation:7.0:*:*:*:*:*:*:*
EPSS
Процентиль: 56%
0.00338
Низкий
8.8 High
CVSS3
Дефекты
CWE-281
CWE-281
Связанные уязвимости
CVSS3: 7.1
redhat
больше 4 лет назад
A flaw was found in the RHDM, where an authenticated attacker can change their assigned role in the response header. This flaw allows an attacker to gain admin privileges in the Business Central Console.
CVSS3: 8.8
github
больше 3 лет назад
A flaw was found in the RHDM, where an authenticated attacker can change their assigned role in the response header. This flaw allows an attacker to gain admin privileges in the Business Central Console.
EPSS
Процентиль: 56%
0.00338
Низкий
8.8 High
CVSS3
Дефекты
CWE-281
CWE-281