Описание
An Access Control vulnerability exists in SoroushPlus+ Messenger 1.0.30 in the Lock Screen Security Feature function due to insufficient permissions and privileges, which allows a malicious attacker bypass the lock screen function.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:a:splus:soroushplus:1.0.30:*:*:*:desktop:*:*:*
Одно из
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
EPSS
Процентиль: 96%
0.27606
Средний
9.1 Critical
CVSS3
6.4 Medium
CVSS2
Дефекты
CWE-863
Связанные уязвимости
CVSS3: 9.1
github
почти 4 года назад
An Access Control vulnerability exists in SoroushPlus+ Messenger 1.0.30 in the Lock Screen Security Feature function due to insufficient permissions and privileges, which allows a malicious attacker bypass the lock screen function.
EPSS
Процентиль: 96%
0.27606
Средний
9.1 Critical
CVSS3
6.4 Medium
CVSS2
Дефекты
CWE-863