Описание
An unauthenticated user can access Identity Manager’s management console specific page URLs. However, the system doesn’t allow the user to carry out server side tasks without a valid web session.
Ссылки
- Release NotesVendor Advisory
- Release NotesVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:broadcom:symantec_identity_governance_and_administration:14.3:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:symantec_identity_governance_and_administration:14.4:*:*:*:*:*:*:*
EPSS
Процентиль: 72%
0.00725
Низкий
5.3 Medium
CVSS3
Дефекты
NVD-CWE-noinfo
CWE-425
Связанные уязвимости
CVSS3: 5.3
github
больше 2 лет назад
An unauthenticated user can access Identity Manager’s management console specific page URLs. However, the system doesn’t allow the user to carry out server side tasks without a valid web session.
EPSS
Процентиль: 72%
0.00725
Низкий
5.3 Medium
CVSS3
Дефекты
NVD-CWE-noinfo
CWE-425