CVE-2020-28402

Опубликовано: 29 янв. 2021

Источник: nvd

CVSS3: 5.4

CVSS3: 8.8

CVSS2: 6.5

EPSS Низкий

Описание

An improper authorization vulnerability exists in Star Practice Management Web version 2019.2.0.6, allowing an unauthorized user to access Launcher Configuration Panel.

Ссылки

https://cds.thalesgroup.com/en/tcs-cert/CVE-2020-28402
https://excellium-services.com/cert-xlm-advisory/CVE-2020-28402
Third Party Advisory
https://www.starpracticemanagement.com/
Product
https://excellium-services.com/cert-xlm-advisory/CVE-2020-28402
Third Party Advisory
https://www.starpracticemanagement.com/
Product

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:iris:star_practice_management:2019.2.0.6:*:*:*:*:*:*:*

EPSS

Процентиль: 57%

0.00351

Низкий

5.4 Medium

CVSS3

8.8 High

CVSS3

6.5 Medium

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-fpmq-9j97-cq2c

CVSS3: 8.8

github

больше 3 лет назад

An improper authorization vulnerability exists in Star Practice Management Web version 2019.2.0.6, allowing an unauthorized user to access Launcher Configuration Panel.

EPSS

Процентиль: 57%

0.00351

Низкий

5.4 Medium

CVSS3

8.8 High

CVSS3

6.5 Medium

CVSS2

Дефекты

NVD-CWE-noinfo