Описание
An issue in NCR Terminal Handler v1.5.1 allows low-level privileged authenticated attackers to arbitrarily deactivate, lock, and delete user accounts via a crafted session cookie.
Ссылки
- Permissions Required
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:ncr:terminal_handler:1.5.1:*:*:*:*:*:*:*
EPSS
Процентиль: 17%
0.00052
Низкий
8.1 High
CVSS3
Дефекты
CWE-284
Связанные уязвимости
CVSS3: 8.1
github
8 месяцев назад
An issue in NCR Terminal Handler v1.5.1 allows low-level privileged authenticated attackers to arbitrarily deactivate, lock, and delete user accounts via a crafted session cookie.
EPSS
Процентиль: 17%
0.00052
Низкий
8.1 High
CVSS3
Дефекты
CWE-284