Описание
Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Incorrect Access Control. Low privileged users can edit their own ACL rules by sending a request to the "AclList/SaveAclRules" administrative function.
Ссылки
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 11.0.33 (включая)
cpe:2.3:a:zucchetti:helpdeskadvanced:*:*:*:*:*:*:*:*
EPSS
Процентиль: 37%
0.00162
Низкий
8.8 High
CVSS3
Дефекты
CWE-281
Связанные уязвимости
CVSS3: 8.8
github
около 1 года назад
Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Incorrect Access Control. Low privileged users can edit their own ACL rules by sending a request to the "AclList/SaveAclRules" administrative function.
EPSS
Процентиль: 37%
0.00162
Низкий
8.8 High
CVSS3
Дефекты
CWE-281