Описание
In OpenEdge Authentication Gateway and AdminServer prior to 11.7.19, 12.2.14, 12.8.1 on all platforms supported by the OpenEdge product, an authentication bypass vulnerability has been identified. The vulnerability is a bypass to authentication based on a failure to properly handle username and password. Certain unexpected content passed into the credentials can lead to unauthorized access without proper authentication.
Ссылки
- Vendor Advisory
- Product
- Vendor Advisory
- Product
Уязвимые конфигурации
Одно из
EPSS
10 Critical
CVSS3
9.8 Critical
CVSS3
Дефекты
Связанные уязвимости
In OpenEdge Authentication Gateway and AdminServer prior to 11.7.19, 12.2.14, 12.8.1 on all platforms supported by the OpenEdge product, an authentication bypass vulnerability has been identified. The vulnerability is a bypass to authentication based on a failure to properly handle username and password. Certain unexpected content passed into the credentials can lead to unauthorized access without proper authentication.
Уязвимость программного обеспечения для управления идентификацией OpenEdge Authentication Gateway, связанная с обходом аутентификации в силу исходной ошибки, позволяющая нарушителю повысить свои привилегии
EPSS
10 Critical
CVSS3
9.8 Critical
CVSS3