Описание
An authorization bypass vulnerability exists in the Mavenir SCE Application Provisioning Portal, version PORTAL-LBS-R_1_0_24_0, which allows an authenticated 'guest' user to perform unauthorized administrative actions, such as accessing the 'add user' feature, by bypassing client-side access controls.
EPSS
Процентиль: 32%
0.00127
Низкий
8.8 High
CVSS3
Дефекты
CWE-639
Связанные уязвимости
CVSS3: 8.8
github
12 месяцев назад
An authorization bypass vulnerability exists in the Mavenir SCE Application Provisioning Portal, version PORTAL-LBS-R_1_0_24_0, which allows an authenticated 'guest' user to perform unauthorized administrative actions, such as accessing the 'add user' feature, by bypassing client-side access controls.
EPSS
Процентиль: 32%
0.00127
Низкий
8.8 High
CVSS3
Дефекты
CWE-639