Описание
/way4acs/enroll in OpenWay WAY4 ACS before 1.2.278-2693 allows unauthenticated attackers to leverage response differences to discover whether a specific payment card number is stored in the system.
Ссылки
- Third Party Advisory
- ProductVendor Advisory
- Third Party Advisory
- ProductVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.2.278-2693 (исключая)
cpe:2.3:a:openwaygroup:way4:*:*:*:*:*:*:*:*
EPSS
Процентиль: 55%
0.00319
Низкий
5.3 Medium
CVSS3
5 Medium
CVSS2
Дефекты
CWE-209
Связанные уязвимости
github
больше 3 лет назад
/way4acs/enroll in OpenWay WAY4 ACS before 1.2.278-2693 allows unauthenticated attackers to leverage response differences to discover whether a specific payment card number is stored in the system.
EPSS
Процентиль: 55%
0.00319
Низкий
5.3 Medium
CVSS3
5 Medium
CVSS2
Дефекты
CWE-209