Описание
An issue was discovered in Selesta Visual Access Manager (VAM) 4.15.0 through 4.29. Several PHP pages, and other type of files, are reachable by any user without checking for user identity and authorization.
Ссылки
- Product
- ProductVendor Advisory
- ExploitThird Party Advisory
- Product
- ProductVendor Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 4.15.0 (включая) до 4.29.0 (включая)
cpe:2.3:a:seling:visual_access_manager:*:*:*:*:*:*:*:*
EPSS
Процентиль: 62%
0.00425
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-862
Связанные уязвимости
github
больше 3 лет назад
An issue was discovered in Selesta Visual Access Manager (VAM) 4.15.0 through 4.29. Several PHP pages, and other type of files, are reachable by any user without checking for user identity and authorization.
EPSS
Процентиль: 62%
0.00425
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-862