exploitDog

CVE-2021-44838

Опубликовано: 18 янв. 2022

Источник: nvd

CVSS3: 4.3

CVSS2: 5

EPSS Низкий

Описание

An issue was discovered in Delta RM 1.2. Using the /risque/risque/ajax-details endpoint, with a POST request indicating the risk to access with the id parameter, it is possible for users to access risks of other companies.

Ссылки

https://gist.github.com/rntcruz23/6575c0ef45c30687c538361910bb8ab3
Exploit
Third Party Advisory
https://www.deltarm.com
Product
Vendor Advisory
https://gist.github.com/rntcruz23/6575c0ef45c30687c538361910bb8ab3
Exploit
Third Party Advisory
https://www.deltarm.com
Product
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:deltarm:delta_rm:1.2:*:*:*:*:*:*:*

EPSS

Процентиль: 45%

0.00225

Низкий

4.3 Medium

CVSS3

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-phg8-x4rr-qpgf

CVSS3: 4.3

github

около 4 лет назад

An issue was discovered in Delta RM 1.2. Using the /risque/risque/ajax-details endpoint, with a POST request indicating the risk to access with the id parameter, it is possible for users to access risks of other companies.

EPSS

Процентиль: 45%

0.00225

Низкий

4.3 Medium

CVSS3

5 Medium

CVSS2

Дефекты

NVD-CWE-Other