CVE-2022-36542

Опубликовано: 26 авг. 2022

Источник: nvd

CVSS3: 6.5

EPSS Низкий

Описание

An access control issue in the component /ip/admin/ of Edoc-doctor-appointment-system v1.0.1 allows attackers to arbitrarily edit, read, and delete Administrator data.

Ссылки

https://github.com/HashenUdara/edoc-doctor-appointment-system
Product
Third Party Advisory
https://github.com/onEpAth936/cve/blob/master/bug_e/edoc-doctor-appointment-system
Third Party Advisory
https://github.com/HashenUdara/edoc-doctor-appointment-system
Product
Third Party Advisory
https://github.com/onEpAth936/cve/blob/master/bug_e/edoc-doctor-appointment-system
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:hashenudara:edoc-doctor-appointment-system:1.0.1:*:*:*:*:*:*:*

EPSS

Процентиль: 54%

0.00311

Низкий

6.5 Medium

CVSS3

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-cp2g-2f5m-6hhj