Описание
An issue discovered in Relyum RELY-PCIe 22.2.1 devices. The authorization mechanism is not enforced in the web interface, allowing a low-privileged user to execute administrative functions.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:relyum:rely-pcie_firmware:22.2.1:*:*:*:*:*:*:*
cpe:2.3:h:relyum:rely-pcie:-:*:*:*:*:*:*:*
Конфигурация 2
Одновременно
cpe:2.3:o:relyum:rely-rec_firmware:23.1.0:*:*:*:*:*:*:*
cpe:2.3:h:relyum:rely-rec:-:*:*:*:*:*:*:*
EPSS
Процентиль: 44%
0.00212
Низкий
8.8 High
CVSS3
Дефекты
CWE-862
Связанные уязвимости
CVSS3: 8.8
github
около 2 лет назад
An issue discovered in Relyum RELY-PCIe 22.2.1 devices. The authorization mechanism is not enforced in the web interface, allowing a low-privileged user to execute administrative functions.
EPSS
Процентиль: 44%
0.00212
Низкий
8.8 High
CVSS3
Дефекты
CWE-862