Описание
Exposure of Sensitive Information to an unauthorized actor vulnerability in MB Connect Lines mbCONNECT24, mymbCONNECT24 and Helmholz' myREX24 and myREX24.virtual in versions <=2.13.3 allow an authorized remote attacker with low privileges to view a limited amount of another accounts contact information.
Ссылки
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2.13.3 (включая)Версия до 2.13.3 (включая)
Одно из
cpe:2.3:a:mbconnectline:mbconnect24:*:*:*:*:*:*:*:*
cpe:2.3:a:mbconnectline:mymbconnect24:*:*:*:*:*:*:*:*
EPSS
Процентиль: 20%
0.00063
Низкий
4.3 Medium
CVSS3
Дефекты
CWE-863
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 4.3
github
больше 2 лет назад
Exposure of Sensitive Information to an unauthorized actor vulnerability in MB Connect Lines mbCONNECT24, mymbCONNECT24 and Helmholz' myREX24 and myREX24.virtual in versions <=2.13.3 allow an authorized remote attacker with low privileges to view a limited amount of another accounts contact information.
EPSS
Процентиль: 20%
0.00063
Низкий
4.3 Medium
CVSS3
Дефекты
CWE-863
NVD-CWE-noinfo