CVE-2021-3380

Опубликовано: 10 нояб. 2021

Источник: nvd

CVSS3: 6.5

CVSS2: 4

EPSS Низкий

Описание

Insecure direct object reference (IDOR) vulnerability in ICREM H8 SSRMS allows attackers to disclose sensitive information via the Print Invoice Functionality.

Ссылки

http://height8.com
Not Applicable
http://icrem.com
Not Applicable
http://www.height8tech.com/carrier-grade-OSS-BSS.php
Vendor Advisory
https://www.exploit-db.com/exploits/49508
Exploit
Third Party Advisory
VDB Entry
http://height8.com
Not Applicable
http://icrem.com
Not Applicable
http://www.height8tech.com/carrier-grade-OSS-BSS.php
Vendor Advisory
https://www.exploit-db.com/exploits/49508
Exploit
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:height8tech:h8_ssrms:-:*:*:*:*:*:*:*

EPSS

Процентиль: 46%

0.00235

Низкий

6.5 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-639

Связанные уязвимости

GHSA-r62c-gw4m-r5qj