Описание
An issue discovered in Egerie Risk Manager v4.0.5 allows attackers to bypass the signature mechanism and tamper with the values inside the JWT payload resulting in privilege escalation.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:egerie:egerie:4.0.5:*:*:*:*:*:*:*
EPSS
Процентиль: 30%
0.00112
Низкий
8.8 High
CVSS3
Дефекты
NVD-CWE-Other
Связанные уязвимости
CVSS3: 8.8
github
почти 2 года назад
An issue discovered in Egerie Risk Manager v4.0.5 allows attackers to bypass the signature mechanism and tamper with the values inside the JWT payload resulting in privilege escalation.
EPSS
Процентиль: 30%
0.00112
Низкий
8.8 High
CVSS3
Дефекты
NVD-CWE-Other