Описание
Lua apps can be deployed, removed, started, reloaded or stopped without authorization via AppManager. This allows an attacker to remove legitimate apps creating a DoS attack, read and write files or load apps that use all features of the product available to a customer.
Ссылки
EPSS
Процентиль: 55%
0.00327
Низкий
8.2 High
CVSS3
Дефекты
CWE-306
Связанные уязвимости
CVSS3: 8.2
github
около 1 года назад
Lua apps can be deployed, removed, started, reloaded or stopped without authorization via AppManager. This allows an attacker to remove legitimate apps creating a DoS attack, read and write files or load apps that use all features of the product available to a customer.
EPSS
Процентиль: 55%
0.00327
Низкий
8.2 High
CVSS3
Дефекты
CWE-306